A new phishing campaign targeting Office 365 users cleverly tries to bypass email security protections by combining chunks of HTML code delivered via publicly hosted JavaScript code. The phishing email and page The subject of the phishing email says “price revision” and it contains no body – just an attachment (hercus-Investment 547183-xlsx.Html) that, at first glance, looks like an Excel document, but is actually an HTML document that contains encoded text pointing to two URLs … More

The post Office 365 phishing campaign uses publicly hosted JavaScript code appeared first on Help Net Security.

By admin