According to a report by BleepingComputer, a threat actor started using Morse code last week to bypass mail gateways and filters by hiding malicious URLs.
The attack reported through a Reddit post starts with an email containing a HTML attachment that looks like a spreadsheet-type invoice.
The script and HTML attachment work together to create a fake spreadsheet that requires users to sign-in and enter their passwords again. Users are then directed to a site that collects the login credentials.
To make the login form look real, attackers are using logos for the recipient’s companies and Office365. The online portal has identified eleven companies that have fallen prey to this attack.
Once a user enters their password, the form will submit the password to a remote site where the attackers can collect the login credentials.
Morse Code is a way of representing letters of the alphabet, numerals, and punctuation marks by an arrangement of dots, dashes. It was typically used over radio communication systems.
An example of Morse code is shown below :-