Microsoft: Link Hovering Not Enough to Stop Phishing Attacks

Share post:

Microsoft recently warned Office 365 customers not to rely on hovering over links to know whether they are being taken to a dangerous site.

Instead, Microsoft says, users should look into the address bar, advise that comes during a period of increased phishing attacks aimed at stealing usernames and passwords.

The latest attacks have relied on taking advantage of advice given to users to move over a link in an email to check the destination before clicking on it. Attackers instead direct visitors to a trusted destination on a malicious site.

Microsoft clarified: “Once recipients hover their cursor over the link or button in the email, they are shown the full URL. However, since the actors set up open redirect links using a legitimate service, users see a legitimate domain name that is likely associated with a company they know and trust. We believe that attackers abuse this open and reputable platform to attempt evading detection while redirecting potential victims to phishing sites. Users trained to hover on links and inspect for malicious artifacts in emails may still see a domain they trust and thus click it.”

For more information, read the original story in ZDNet.

SUBSCRIBE NOW

Related articles

DOGE’s Teen Hacker Stirs Concern Over Musk Team’s Access to Federal Databases

A 19-year-old named Edward “Big Balls” Coristine has raised red flags after Wired revealed he holds a key...

Deep Seek and Open Source AI – Without the Hype: Discussion with Robert Falzon, Head of Engineering, Check Point

DeepSeek AI is shaking up the cybersecurity world—are we prepared for the risks? Join host Jim Love and...

Researchers Jailbreak DeepSeek AI, Expose System Prompt and Raise Security Concerns

Security researchers at Wallarm have successfully jailbroken DeepSeek, a recently released open-source AI model from China. The jailbreak...

New SMS Phishing Scam Targets U.S. Toll Road Users with Fake Payment Alerts

Brian Krebs of the Krebs on Security blog did a big piece leading with how residents across the...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways