Researchers Discover Vulnerability in Microsoft 365 First Contact Safety Tip Feature

Published:

Researchers Bypass Microsoft 365 Anti-Phishing Measures By Manipulating First Contact Safety Tip

Researchers have found a way to bypass the First Contact Safety Tip, the banner Microsoft 365 prepends to messages from senders a recipient has not corresponded with before, which raises questions about how much protection the feature actually provides. Because the tip is rendered as part of the message body, CSS that the sender includes in the email's HTML also applies to the tip, and an attacker can use that to hide it and make a phishing email look like ordinary correspondence.

The weakness is that the sender's stylesheet can override the background and font colours of the safety tip, so that the text is drawn in the same colour as its background and becomes invisible to the recipient. Researchers from Certitude demonstrated this by adding such styling to an email: the tip is still inserted into the message, but the user cannot see it.
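The following is an added example, not code from Certitude or Microsoft. It is a small check a mail-security team could run over inbound HTML to flag messages whose CSS would blank out the safety tip. It assumes a structure the article does not spell out: that Outlook prepends the tip as a table whose cells carry inline colours, taken here as a hypothetical grey background (#a6a6a6) with dark text (#212121). Inline styles lose only to stylesheet rules marked !important, so those are what the check looks for; both sample emails are constructed for the example.

```python
import re

TIP_BACKGROUND = "#a6a6a6"  # assumed (hypothetical) inline colours of the tip cells
TIP_TEXT = "#212121"
# Bare tag selectors through which a sender's <style> block could reach the
# tip's assumed markup: table > tr > td > span / a.
TIP_TAGS = {"table", "tr", "td", "span", "a", "*"}
NAMED_COLOURS = {"white": "#ffffff", "black": "#000000"}

# Constructed sample: the sender's CSS forces the tip's text and background
# to the same colour, the technique described in the article.
MALICIOUS_EMAIL_HTML = """<html><head><style>
  table, td { background-color: #ffffff !important; }
  td, td a, td span { color: #ffffff !important; }
</style></head><body>
<p>Please review the attached invoice.</p>
</body></html>"""

# Constructed sample: ordinary newsletter styling with no !important rules.
BENIGN_EMAIL_HTML = """<html><head><style>
  p { color: #333333; }
  .cta { background-color: #0078d4; color: white; }
</style></head><body>
<p>Hello, see our <a class="cta" href="https://example.invalid/">offer</a>.</p>
</body></html>"""

_STYLE = re.compile(r"<style[^>]*>(.*?)</style>", re.S | re.I)
_RULE = re.compile(r"([^{}]+)\{([^{}]*)\}")
_COMMENT = re.compile(r"/\*.*?\*/", re.S)


def extract_css(html):
    """Concatenate the contents of every <style> element in the message."""
    return "\n".join(_STYLE.findall(html))


def _tag_selectors(selector_list):
    """Bare tag names that end each selector, e.g. 'td a' -> 'a'; '.cta' is skipped."""
    tags = set()
    for sel in selector_list.split(","):
        parts = sel.strip().split()
        if parts and re.fullmatch(r"[a-z]+|\*", parts[-1].lower()):
            tags.add(parts[-1].lower())
    return tags


def important_overrides(css):
    """Colour values that !important rules force onto tags the tip is built from."""
    found = {}
    for selectors, body in _RULE.findall(_COMMENT.sub("", css)):
        if not _tag_selectors(selectors) & TIP_TAGS:
            continue
        for decl in body.split(";"):
            if ":" not in decl:
                continue
            prop, value = (s.strip().lower() for s in decl.split(":", 1))
            if "!important" not in value:
                continue
            value = value.replace("!important", "").strip()
            if prop == "background":
                prop = "background-color"
            if prop in ("color", "background-color"):
                found[prop] = NAMED_COLOURS.get(value, value)
    return found


def _luminance(colour):
    """WCAG relative luminance of a #rgb or #rrggbb colour."""
    h = colour.lstrip("#")
    h = "".join(c * 2 for c in h) if len(h) == 3 else h
    lin = [(c / 12.92 if c <= 0.03928 else ((c + 0.055) / 1.055) ** 2.4)
           for c in (int(h[i:i + 2], 16) / 255 for i in (0, 2, 4))]
    return 0.2126 * lin[0] + 0.7152 * lin[1] + 0.0722 * lin[2]


def contrast_ratio(foreground, background):
    """WCAG contrast ratio; 1.0 means the two colours are identical."""
    hi, lo = sorted((_luminance(foreground), _luminance(background)), reverse=True)
    return (hi + 0.05) / (lo + 0.05)


def safety_tip_visibility(html, min_contrast=1.5):
    """(text colour, background colour, contrast ratio, hidden) for the tip
    once the sender's !important rules are applied to its assumed markup."""
    overrides = important_overrides(extract_css(html))
    text = overrides.get("color", TIP_TEXT)
    background = overrides.get("background-color", TIP_BACKGROUND)
    ratio = contrast_ratio(text, background)
    return text, background, round(ratio, 2), ratio < min_contrast


if __name__ == "__main__":
    for name, html in (("malicious", MALICIOUS_EMAIL_HTML), ("benign", BENIGN_EMAIL_HTML)):
        print(name, safety_tip_visibility(html))
```

The check deliberately ignores rules without !important and rules that only target classes or ids, since those cannot beat the tip's inline styles. A real deployment would use the tip's actual markup rather than the assumed colours, and would also catch the other ways the same effect can be achieved (forcing the table to `display: none`, zero height, or off-screen positioning), which this example does not attempt.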

Building on this, the researchers also used the same HTML-and-CSS control over the message body to imitate the icons Outlook shows for encrypted or signed emails, so a message can appear to carry protections it does not have. Certitude reported both issues to Microsoft; Microsoft acknowledged them but declined to fix them immediately, saying the findings would be considered for future product improvements.

The finding is a reminder that a visual warning inside the message body is only a hint, not a guarantee, and that users should stay alert to phishing regardless of whether a banner appears. Individuals can protect themselves by treating mail from unknown senders with caution, looking for unusual formatting, spelling errors or unexpected requests, and confirming a message's authenticity through a separate channel before acting on it.

Organisations relying on Microsoft 365 should not treat the safety tip as their only external-sender control. Indicators that the sender's HTML cannot style, such as a subject-line or header tag added by a mail-flow rule, and server-side filtering, attachment sandboxing and an easy user reporting path all complement the built-in anti-phishing features. As threats continue to evolve, both individuals and businesses need to stay informed and proactive about protecting their data and systems.
