A phishing campaign using Office 365 voicemail lures to trick them into visiting landing pages designed to steal their personal information or infect their computers with malware. The phishing emails delivered by the operators behind this series of attacks use the old trick of reversing some of the text elements in the source code and rendering forward within the email displayed to the target, with a twist: this time it involves using Cascading Style Sheets (CSS). Reversing text in an email’s HTML code helps attackers bypass some automated text matching models used by Secure Email Gateways (SEG) use to differentiate between legitimate emails and phishing messages.
Source: Bleeping Copmputer
