Microsoft warns of a new technique to sneak Phishing
Microsoft alerts of new Phishing campaigns
From Microsoft they have reported that they have seen an increase in malicious campaigns that are based on HTTP Request Smuggling, which attacks how a website processes HTTP request sequences. It must be borne in mind that they are vulnerabilities that in many cases are critical in nature, which is why attackers manage to bypass security measures.
This type of threat is capable of putting different types of devices at risk . For example it can affect a web server, proxy or firewall. It is not a new technique, but it has been refining its attacks over time and reaching more systems.
In this case, the Phishing campaigns use HTML5 and JavaScript . They are capable of hiding malicious payloads in encoded strings within an HTML file or on a website. The browser then decodes those strings when a user opens an attachment or clicks a link.
The main risk with this type of technique is that in many cases the antivirus is not able to detect them. Antivirus engines have a database with previously discovered threats, but in case it is something new and has not been previously discovered, things get complicated.
An example of all this could be an HTML attachment that could include a harmless link that leads to another website that is theoretically legitimate and has no danger. However, when the user clicks there JavaScript will decode an encrypted string and turn it into a really dangerous attachment.
This could lead to the theft of data, passwords, sneaking malware ... It is a technique that, ultimately, can put our privacy and security in serious danger.
How to avoid these types of attacks
So what can we do to prevent security attacks of this type? The most important thing is always going to be common sense . We must avoid making mistakes such as opening an attachment that we have received by email, installing a program from unofficial sources, etc.
For example, avoid ZIP attachments that contain JavaScript, files that have passwords, or suspicious script codes. In all these cases it is very important to avoid them and not make mistakes, as indicated by Microsoft. This will help us reduce risk.
On the other hand, it is very important to have a good antivirus , which is up-to-date, as well as having the latest versions of the operating system to avoid any type of threats . This will prevent the entry of many threats that could put computers at risk.