1310 Nowell Road
Raleigh, NC 27607
Hackers have discovered an innovative method of getting those malicious URLs in their emails past Office 365’s security protocols. This was first revealed by Avanan, a company that deals in internet security. Avanan says that cybercriminals are now using a tag in the HTML header employed with a URL to by-pass security and infect a computer with malware.
Officials at Avanan explained further. “At one time, email clients did not support the tag, so every link needed to be an absolute URL. Support for relative URLs in email is a recent development and the behavior is client dependent. Older email clients will ignore the tag, but web-based email clients, recent desktop clients and most mobile apps will now handle the tag and recombine the URL into a clickable link.”
Office 365’s Advanced Threat Protection provides a feature called “Safe Links” that compares a link found in an email against those on a blacklist. This feature was designed to catch and stop a malicious link. It was working well for all MS products until hackers discovered this workaround.
The new technique has been dubbed “baseStriker” and it’s aimed at those using Microsoft Outlook. Malicious messages can now bypass the filters included in Microsoft products using the tag.
The new baseStriker program splits the malicious URL so that Microsoft’s product, Safe Links, cannot detect that it points to a malicious URL. Safe Links checks the base domain, ignoring the rest, thereby allowing the user to move on to the phishing site. A few security solutions do protect users against these new cyber-threats, including Mimecast and Proofpoint.
As part of Microsoft’s Office 365 Advanced Threat Protection (ATP), Safe Links was designed to provide a strong layer of protection against malicious links embedded in documents and emails. Microsoft diligently updates the software so that it consistently protects against the latest cyber threats. The software works by determining if a link is malicious, then replacing the bad link and alerting the user. Up to now, ATP has been considered state-of-the-art protection against phishing scams.
Officials at Microsoft were contacted by Security Week and they issued a brief statement that said, “We encourage customers to practice safe computing habits by avoiding opening links in emails from senders they don’t recognize.” They also said they were investigating the claims about the new hack.
In the meantime, all security experts discourage users from clicking links found in emails—even if they seem to be from a reliable source. Best Practice for internet security is to always navigate to a web page the old-fashioned way. Open a new browser page and type in the web address. Get in the habit of glancing up to the browser line and making sure it says what it should. Periodic security awareness training is also recommended. This is a good way to remind users about the many phishing scams and malware that constantly threaten users.
The baseStriker hack may be used in other email programs as well. This has caused all email service providers to begin checking to make sure their security protocols are still intact and working as expected. This is a timely reminder to everyone that crooks are constantly searching for any vulnerability they can take advantage of. New types of malware, worms, viruses, and ransomware are developed each year. Experts believe that Gmail, along with a few other email clients already have built-in protection for splitting the URL and will not be at risk.
Though all software developers are now working toward shutting down cybercriminals, every type of cyber defense utilizing technology has its weaknesses. The best methods of cybersecurity usually involve training employees about what to look for and remind them often that hackers never take a break from their work.
A new product called Second Chance offers users a way to “roll back” a decision to click a suspicious link. If the user thinks they may have clicked a bad link in a phishing email, now they can stop the process from moving forward. The software checks out any potentially unsafe link the moment you click on it. Then it informs you that you may be navigating to an unsafe website. You can then abort your actions and return to safety. While products like this do help, there are a flood of new worms, ransomware, malware, and phishing scams developed each year by cybercriminals.
Many hackers are now backed by governments the size of China or North Korea, so they have unlimited resources to work with. A Newsweek article reports that Chinese hackers have stolen billions of dollars’ worth of secrets and data from businesses and individuals all over the world. Russia and North Korea are in second and third place when it comes to cyber-theft.
The Newsweek article states that Chinese cyber-aggression toward the United States has evolved rapidly over the last few years. Chinese hackers represent a growing threat to world economies due to their disruptive nature. Today’s battlefield is no longer on actual ground using weapons and artillery. The war is being fought online—on the internet where everyone’s data is sometimes exposed to vast criminal enterprises.
Always at your service to provide the highest level of quality support to our customers.
Anthony Firth Client Engineer
“I’m passionate about building and fostering relationships, and finding solutions for success.”
Michael Koenig Client Account Manager
“I help clients stabilize and grow their IT infrastructure so they can focus on growing their core business.”
Josh Wilshire Systems Engineer Team Lead
“I strive to provide the highest level of quality service to our customers.”
Tommy Williams Sr. Hardware Engineer
“I’m driven by the steadfast belief that technology must serve as a business enabler. This mantra has driven 21
Years of successful partnerships.”
Stephen Riddick VP Sales & Marketing
“CSP doesn’t succeed unless your company succeeds.”
Stephen Allen Inventory Manager
“Through my intuition and genuine concern to help others I have built long-lasting relationships with our customers, co-workers and business partners.”
Scott Forbes VP Support Services
“Every day, I work with clients to help plan the future of their businesses.”
Michael Bowman vCIO
“Your IT problems become our IT solutions.”
Mark McLemore Project Engineer
“Managing internal and external operations to ensure that CSP provides quality and reliable customer service .”
Margie Figueroa Business Manager
“Providing quality internal and externals financial support to our customers and accounting support to CSP.”
Katie Steiglitz Accounting Administrator
“Some call me the CEO. I call myself the Cheerleader for an awesome team!”
William B. Riddick Founder & CEO
“CSP is here to assist you with your IT needs.”
Beth Wylie Inside Sales Manager
On What Questions You Need To Ask Before Signing Any Agreement.
"*" indicates required fields
Raleigh IT Support Company and IT Services Provider | CSP Inc.
1310 Nowell Rd,
Raleigh, NC 27607
Receive email updates and informative marketing materials by subscribing to our newsletter.