Microsoft’s suite of workplace application could be abused to launch phishing attacks capable of deceiving even the most nicely-educated net customers, scientists have observed.
Analysts from Bitdefender just lately uncovered that homograph assaults (all those that abuse equivalent-seeking figures for the applications of deception – e.g. Micr0soft) improve a ton extra potent when based mostly on intercontinental area names (IDN), and utilised in opposition to applications other than browsers.
Immediately after tests a number of purposes on their habits when confronted with an IDN homograph assault, the researchers found that all Microsoft Office applications had been vulnerable. That involves all of the productiveness powerhouses: Outlook, Word, Excel, OneNote and PowerPoint.
No patch in sight
In layman’s terms, a menace actor can power Outlook to screen a url that appears certainly respectable, while the person would not be ready to explain to the variance right until the website was opened in their browser. In some conditions, that would be sufficient to result in a malware obtain.
The firm described the challenge to Microsoft again in Oct past yr, and when the Redmond computer software large did accept the danger as true, it is yet to situation a patch.
The excellent news, Bitdefender promises, is that this kind of an attack is not uncomplicated to mount, and is therefore not likely to be made use of at scale. Even now, the exploit could be an very potent weapon for focused assaults, these types of as point out-sponsored risk actors focusing on particular substantial-benefit companies for their passwords (opens in new tab) and other sensitive info.
The situation with homograph attacks is that they abuse the internationalization of the net. In the early times of the world wide web, all area names utilised the Latin alphabet, which has 26 figures. Considering the fact that then, the world wide web grew to contain much more people, which includes, for example, the Cyrillic alphabet (used in Japanese Europe, and Russia). That gave risk actors a broad playground, as by combining different characters, they can produce phishing web sites whose URL looks identical to the legitimate site.