.. /.Html

Phishing
Script
Double Click

Contributors:

mr.d0x

Description:

HTML or Hypertext Markup Language files are used to create webpages. They are often used by attackers to spoof a webpage or execute JavaScript to redirect users.

OS:

Wndows
Mac
Linux

Recommendation:

Block the download of HTML files when delivered through email and change the default application for HTML files to a text editor such as Notepad.

Resources:

https://www.avanan.com/blog/phishing-trend-targeting-office-365-uses-html-attachments
https://www.trendmicro.com/en_ca/research/17/g/html-attachments-phishing-used-bec-attacks.html

File Samples: