Thank you for sharing!

Your article was successfully shared with the contacts you provided.
Phishing attacks target Microsoft Office 365 (Image: Shutterstock).

New York based Avanan identified a new phishing outbreak, The NoRelationship Attack, that bypasses Office 365 email attachment security, which scan Office documents like Word (.docx), Excel (.xlsx), and PowerPoint (.pptx).

Avanan, which delivers a cloud security platform, described how the phishing attack bypasses Exchange Online Protection URL filters. The attack emails include a .docx attachment containing a malicious link that leads to a credential harvesting login page. Link parsers not scanning the full document, but instead depending on a relationship file for the list of links included in the attachment, fail to identify the malicious URL.

Roy Urrico

Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).

More from this author


Credit Union Times

Join Credit Union Times

Don’t miss crucial strategic and tactical information necessary to run your institution and better serve your members. Join Credit Union Times now!

  • Free unlimited access to Credit Union Times' trusted and independent team of experts for extensive industry news, conference coverage, people features, statistical analysis, and regulation and technology updates.
  • Exclusive discounts on ALM and Credit Union Times events.
  • Access to other award-winning ALM websites including TreasuryandRisk.com and Law.com.

Already have an account? Sign In Now
Join Credit Union Times

Copyright © 2021 ALM Media Properties, LLC. All Rights Reserved.