Math Helps Phishing Campaign Evade Detection, Steals Office 365 Logins

Published: February 02, 2022 on our newsletter Security Fraud News & Alerts Newsletter.



It’s no secret that phishing scammers try anything to help their emails evade detection. In this latest twist, hackers were found adding mathematical symbols into a company logo design heading at the top of a phishing email. It’s a way to evade security software and land the phishing email into inboxes – it’s a sneaky tactic and it’s working. Analysts at INKY discovered the phishing campaign hiding math symbols in a Verizon logo as the first step to stealing Office 365 login credentials from victims. This campaign also uses other known tricks to lure victims, including a button to click that leads to a malicious Verizon web page chock-full of deception.



Phishing emails impersonating companies are a nagging security problem especially since a company sees an average of 90 bogus domains a month claiming to be their real home page. Companies see their logos used as a lure of legitimacy even though a closer look at the logo tends to scream “fake!” And as with this latest campaign and countless others, most users don’t take the time to check for the telltale signs of email phishing before diving in. These bogus sites are often created to steal PII (personally identifiable information) and install any number of malware viruses. PhishMe Research finds ransomware is present in over 97% of all phishing emails and another reason to be on guard.



It’s a phishing jungle out there and those best prepared to ferret-out the fake from the real are more likely to avoid the scams and stay safe. Although these campaigns may use original ways to escape detection, such as with math in the above case, other phishing red flags are waving. Since we’re all potential victims, we need to be aware of what to look for as well as what not to fall for with email phishing.


Apply common sense before providing sensitive information and other PII. An email from your internet supplier, bank, retail, or other accounts asking you to verify PII should always be suspect.


Check the email request yourself. Carefully type in the website name and never follow links or click buttons in the email. One small URL typo can bring you to a duplicate, malicious website created to snare typo-typers. Bookmarking the real URL is a quick and safe way to get to your important sites in the future.


Check to see if your PII is truly needed. Whatever the account may be, logging in to the true website should alert you to any legitimate requests or verifications for PII.


Make sure a website is safe and secure. Secure website domains start with “https” and have a closed lock symbol to the left of the domain address.


Be aware of poor graphics, bad grammar, and typos. Email phishers may be sneaky with a con, but they’re not known for stellar graphics and command of the English language


“When in doubt, throw it out” is the best advice of all. Even the smallest hesitation an email may not be legit is all the reason you need to toss it in the trash without opening it.


Keep up to date: Sign up for our Fraud alerts and Updates newsletter

Want to schedule a conversation? Please email us at advisor@nadicent.com


7 views0 comments