Emerging Phishing Attack Uses HTML Redirection to Bypass Microsoft ATP
Updated: Nov 16, 2020
Avanan researchers have uncovered an emerging phishing technique that has not yet been released by hackers and is still in testing mode on the dark web, but promises to make a lot of headway soon. We're calling this attack: Go HSIPH—or phish in reverse.
The Attack: This brand-new phishing technique leverages the <bdo> tag, or "Bidirectional Text Override." The tag is commonly used to switch the direction of the text. Look at this example of translating English to Hebrew: