top of page

Emerging Phishing Attack Uses HTML Redirection to Bypass Microsoft ATP

Updated: Nov 16, 2020

Avanan researchers have uncovered an emerging phishing technique that has not yet been released by hackers and is still in testing mode on the dark web, but promises to make a lot of headway soon. We're calling this attack: Go HSIPH—or phish in reverse. 

The Attack:  This brand-new phishing technique leverages the <bdo> tag, or "Bidirectional Text Override." The tag is commonly used to switch the direction of the text. Look at this example of translating English to Hebrew: 

21 views0 comments
bottom of page