A new phishing technique has been released called ZeroFont, which allows an attacker to bypass Microsoft’s Advanced Email Threat Protection and other AI systems. This new type of phishing attack was discovered by Security Researchers at Avanan.
According to researchers, the flaw of the detection is within the algorithm used to detect the phishing emails. The attacker can simply insert random font size zero throughout the phishing email message and the algorithm mistakenly marks the altered text as rubbish and skips over the text.
Read more: The Hacker News
The ZeroFont is only one of many tactics that attackers use in social engineering emails used to bypass security and the human factor. Ultimately your company should have a solid Security Framework in place which also includes Security Awareness Training and random Phishing Tests on your employees. Statistics show that a consistent Security Training program decreases the odds of a successful phishing attack.
Remember to always Think before you Click!!!!!
Falcon Network Service’s Security Awareness Training program encompasses a complete training framework to prepare your employees for these types of threats and strengthens your companies Human Factor.
Our Security Awareness Training Program includes:
- Security and Compliance Training videos that are updated every quarter.
- Phishing tests against your employees, which get more difficult as they progress through the training.
- Additional training for employees who click on any of the Phishing test emails.
- Random Vishing tests will be conducted on the employee’s desk phones.
For more information visit: https://mssp.fns1.com/security-services/security-awareness-training
OUR SECURITY SERVICES INCLUDE:
- Risk Assessments
- Penetration Testing
- Web Application Testing
- Security Awareness Training
- Managed SIEM
- Managed Security Services (MSSP)
- Security Consulting