Jump directly to the content
ON ALERT

Urgent warning to Microsoft Office users over “homograph attacks” which can expose data & why you must check spellings

SECURITY experts have delivered an urgent warning to Microsoft Office users about "homograph attacks".

The breach allows malware to be downloaded that can expose your data.

Cybersecurity experts delivered an urgent warning to Microsoft Office users about a potentially damaging phishing attack
1
Cybersecurity experts delivered an urgent warning to Microsoft Office users about a potentially damaging phishing attackCredit: AFP

 is one of the most widely used suite of office-related applications in the world.

Thanks to its global popularity, it's also a constant target for hackers.

Recently, analysts from Romanian cybersecurity firm discovered that Microsoft's platform of office software could be abused to launch phishing attacks.

Bitdefender added that the attacks are targeted at users of Outlook, Word, Excel, OneNote and PowerPoint.

More on cyber hacks

US confirms military hackers are supporting Ukraine
CYBER WAR

US confirms military hackers are supporting Ukraine

Called "homograph attacks," they are said to be smart enough to trick even the most internet-savvy. So, it's vital that users be extra careful and understand what to look out for.

What is a homograph attack?

Homograph attacks misuse similar-looking characters to deceive users (eg using a "zero" in G00GLE, instead of the letter "o" in GOOGLE). The difference is slight, but the potential of these attacks increases when they are based on international domain names (IDN).

In a disturbing discovery, Bitdefender analysts found that all Microsoft Office applications are unprotected against such attacks.

Most read in The US Sun

Suspect in judge's murder identified and new details on 'targeted' killing
SHOCK ATTACK

Suspect in judge's murder identified and new details on 'targeted' killing

The attacks tend to exploit the globalization of the internet. Previously, all web domains used the Latin alphabet, which consisted of 26 characters.

However, the internet has now expanded to include more characters that include the Cyrillic alphabet (used in Eastern Europe and Russia). This allowed hackers to combine different characters and create phishing sites with URLs that look very similar to the authentic website.

What to look out for

Hackers and bad actors can force Microsoft Office apps, like Outlook, to show a link that looks legitimate.

Users may not be able to tell the difference until the site is opened in their browser. In some cases, as users land on these malicious websites, it triggers a malware download.

There is some good news, however.

Bitdefender claims that a homograph attack is not easy to carry out, and is unlikely to be used at scale.

Read More On The Sun

Judge executed at home in "domestic terror" attack as cops find "hit list"
SHOCK KILLING

Judge executed at home in "domestic terror" attack as cops find "hit list"

However, it warns the vulnerability can be abused as a highly potent weapon for targeted attacks, like state-sponsored cyber attackers targeting certain high-value companies to hack their passwords and other sensitive data.

Bitdefender reported the issue to Microsoft in October 2021 and the tech giant acknowledged the threat as real. However, it has yet to issue a patch to fix the vulnerability.

We pay for your stories!

Do you have a story for The US Sun team?

Email us at exclusive@superstarpublishers.com or call 212 416 4552. Like us on Facebook at  and follow us from our main Twitter account at 

Topics