😈 [ Louis Dion-Marcil @ldionmarcil ]
Outlook for Windows can be tricked into displaying a fake domain, but open another one. Add a <base> tag with a fake domain + left-to-right mark (U+200E)
Links in <a> tags will show the fake domain, but open the real domain.
No need to buy .zip! :) Convincing #phishing #redteam
🐥 [ tweet ]
Outlook for Windows can be tricked into displaying a fake domain, but open another one. Add a <base> tag with a fake domain + left-to-right mark (U+200E)
Links in <a> tags will show the fake domain, but open the real domain.
No need to buy .zip! :) Convincing #phishing #redteam
🐥 [ tweet ]
🔥5👍1🥱1