Phishing attackers are using Morse code to hide malicious URLs in an HTML attachment. The Morse code enables the phishing email to bypass secure mail gateways and filters.
- Morse code encodes text characters as sequences of dots and dashes.
- The phishing email pretends to be an invoice from the company where the target works.
- The HTML attachment appears to be an Excel invoice that prompts victims to enter their password again, which is then harvested by the attackers.
- The attachment uses a double extension, so enabling Windows file extensions can help spot suspicious attachments.