Ars Technica: Microsoft Outlook shows real person’s contact info for IDN phishing emails

Ars Technica: Microsoft Outlook shows real person’s contact info for IDN phishing emails. “This week, infosec professional and pentester DobbyWanKenobi demonstrated how they were able to trick the Address Book component of Microsoft Office to display a real person’s contact info for a spoofed sender email address by using IDNs. Internationalized Domain Names (IDNs) are domains consisting of a mixed Unicode character set, such as letters from both Latin and Cyrillic alphabets that could make the domain appear identical to a regular ASCII domain.”

Leave a Reply

%d bloggers like this: