Scam Watch

How to recognize "Link Preview Bypass in Outlook Junk Folder Can Hide Phishing Links from Users"?

TLDR

A newly documented technique allows phishing emails to bypass Outlook's Junk folder link preview, which many users rely on to safely inspect suspicious messages. The attack exploits the fact that the link preview mechanism only parses...

How it works

A newly documented technique allows phishing emails to bypass Outlook's Junk folder link preview, which many users rely on to safely inspect suspicious messages. The attack exploits the fact that the link preview mechanism only parses...

Warning signs

  • An email in the Junk folder shows no visible links despite having clickable-looking text (e.g., "VIEW APRIL SALARY INCREASE")
  • The sender uses urgent or enticing themes (salary increases, invoices, package deliveries) to prompt clicking
  • A link preview in the Junk folder fails to resolve or shows nothing—do not assume the message is safe

What to do

  1. Always manually hover over any hyperlink to verify its true destination before clicking, even in the Junk folder
  2. Move suspicious messages back to the Inbox to see all links as displayed normally—or better, delete them without op

Source

sans-isc

Source verified by Mythos Forensic Team

https://isc.sans.edu/diary/rss/32990

FAQ

Is "Link Preview Bypass in Outlook Junk Folder Can Hide Phishing Links from Users" a real scam?

Yes. Treat the message, call, or payment request as suspicious until you verify it through an official channel.

What are the first signs?

  • An email in the Junk folder shows no visible links despite having clickable-looking text (e.g., "VIEW APRIL SALARY INCREASE")
  • The sender uses urgent or enticing themes (salary increases, invoices, package deliveries) to prompt clicking
  • A link preview in the Junk folder fails to resolve or shows nothing—do not assume the message is safe

What should I do first?

  1. Always manually hover over any hyperlink to verify its true destination before clicking, even in the Junk folder
  2. Move suspicious messages back to the Inbox to see all links as displayed normally—or better, delete them without op

Can LegalAudit review my case?

Yes. Open the free chat and paste the message, link, sender, or payment details for triage.