Outlook Attachments
Attackers can compose an email on Outlook (or O365) and attach a file and then use the file's download link to directly download the file. Restricted file types would first need to have their file extension modified (e.g. mimikatz.exe becomes mimikatz.exe.txt) and then upon download the file extension is modified back to the original extension.
#outlook #attachments #redteam #phishing
Attackers can compose an email on Outlook (or O365) and attach a file and then use the file's download link to directly download the file. Restricted file types would first need to have their file extension modified (e.g. mimikatz.exe becomes mimikatz.exe.txt) and then upon download the file extension is modified back to the original extension.
1. Compose an emailLink is valid for ~15 minutes.
2. Attach a file (add .txt to the end if it's a restricted file type)
3. Click on the file to download it and grab the link (attachment.outlook.live.net or attachment.office.net)
#outlook #attachments #redteam #phishing
Custom Previews For Malicious Attachments
A phishing technique that allows attackers to create fake previews for their malicious attachment with Google Mail.
https://mrd0x.com/phishing-google-users-by-spoofing-previews/
#phishing #gmail #attachments
A phishing technique that allows attackers to create fake previews for their malicious attachment with Google Mail.
https://mrd0x.com/phishing-google-users-by-spoofing-previews/
#phishing #gmail #attachments