116 Gawler Place, Adelaide SA 5000 1800 818 875 [email protected]

How and Why to Block HTM/HTML Attachments in Outlook 365

How and Why to

Block HTM/HTML Attachments in Outlook 365

Microsoft Outlook 365 is one of the most popular business communication tools. However, a particular threat gaining traction is the use of HTM/HTML attachments in emails. This blog post explores why these attachments are dangerous, how hackers exploit them, and why blocking them in Outlook 365 can help safeguard your organisation.

What are HTM/HTML Attachments and Why Are They Dangerous?

HTM/HTML attachments are files written in Hypertext Markup Language (HTML), the standard language for creating web pages. When these files are opened, they are rendered by a web browser or a similar application, allowing them to display text, images, and links just like a standard web page.

While HTM/HTML files are not inherently malicious, they pose a significant threat when used inappropriately. Cyber criminals can exploit these attachments to create realistic-looking phishing emails that deceive users into divulging sensitive information or executing malicious code. These files can mask harmful scripts that trigger unwanted downloads, redirect users to phishing websites, or steal personal information by mimicking legitimate web pages.

Why are they dangerous?
  1. Stealthy and Deceptive: HTM/HTML files can easily masquerade as legitimate websites, making them ideal for phishing attacks.

  2. Execution of Malicious Code: They can contain JavaScript or other active content that executes automatically, potentially infecting the system without the user’s knowledge.

  3. Bypass Traditional Security Measures: HTML attachments often evade basic email filters designed to block more obvious threats like executable files or known malware.
Next Generation Antivirus Advanced Security

How Do Hackers Use HTM/HTML Attachments to Breach MS 365?

Microsoft 365 is a prime target for cyber criminals due to its widespread use by businesses worldwide. Hackers leverage HTM/HTML attachments in several ways to compromise accounts and gain unauthorised access:

  1. Phishing Attacks: Hackers craft emails with HTML attachments designed to resemble login pages of legitimate services. When users enter their credentials, these are captured by the attacker.

  2. Malicious Redirects: Opening an HTM/HTML attachment may redirect the user to a malicious website that downloads malware onto their device, leading to data breaches and system compromise.

  3. Data Exfiltration: HTML files can be coded to send personal data from the victim’s computer directly to the hacker, allowing sensitive information like usernames, passwords, and financial data to be stolen.

  4. Session Hijacking: By capturing session cookies or other sensitive tokens, hackers can take over user sessions and impersonate the victim, accessing confidential resources within the Microsoft 365 environment.
NSEA Image 02

Is Microsoft 365 Safe?

Microsoft 365 provides robust security features, including built-in email protection, advanced threat analytics, and continuous updates to combat emerging threats. However, no system is entirely foolproof, and users remain the core vulnerability.

Microsoft’s security measures include:

  • Advanced Threat Protection (ATP): Scans attachments and links for known malware and suspicious behaviour.

  • Data Loss Prevention (DLP): Monitors and protects sensitive information from unauthorised access.

  • Multi-Factor Authentication (MFA): Adds an extra layer of security beyond just passwords.

Despite these measures, the human element remains the weakest link, as users may inadvertently open malicious attachments or click on harmful links. Therefore, additional steps, like blocking HTM/HTML attachments, are an easy way to bolster security.

microsoft365-Image2

How to block HTM/HTML attachments in Outlook 365

  1. Open Microsoft 365 Admin Center and click Show all… in the navigation panel
  2. Select the Exchange Admin Center
  3. In the Exchange Admin Center, open Mail flow > and choose Rules
  4. Click the + button and select the Create a new rule… option
  5. Name the rule e.g., “Block html attachments”
  6. At the bottom of the new rule windows click options…
  7. In “Apply the rule if…”, select Any attachment…> file extensions includes these words
  8. Add html and htm to the list
  9. In “Do the following…”, select Deliver the message to the hosted quarantine
  10. Click the add action button
  11. Select Notify the recipient with a message…
  12. In the text box add the following:


    <b>Company email security policy has blocked a message because it contained a banned attachment in HTML format:</b><br>
    <br>
    <p style=”margin-left: 40px”>Sent by: %%From%%<br>
    Subject: %%Subject%%<br>
    Sent to: %%To%%<br>
    Date: %%MessageDate%%</p>
    <br>

    If you believe you should be receiving this message, please notify the sender and arrange to receive the attachment by another method.

  13. Click OK and Save. The rule will be created and is activated by default.
RemoveHtml
Adding exceptions/whitelist to the rule for specific domains
  1. Select the rule you created previously
  2. Scroll down to add exception button
  3. In “Except if…” select The sender…> domain is
  4. Add any required domains to the list
  5. Save the rule
RemoveHtml2

Implementing Protection in Outlook 365

To heighten protection for your organisation, consider the following steps:

  • Educate Employees: Regular training sessions on recognising phishing attempts and the dangers of opening unknown attachments.

  • Utilise Email Filters: Configure email filters to automatically block or quarantine HTM/HTML attachments, reducing the likelihood of malicious files reaching users’ inboxes.

  • Enable Advanced Security Features: Take full advantage of Microsoft 365’s security offerings, including ATP and DLP, to provide comprehensive protection against sophisticated threats.

  • Continuous Monitoring and Updates: Keep your security policies and tools updated to respond effectively to new and evolving threats.

Conclusion

While Microsoft 365 offers security features, no system is entirely immune to cyber threats. Blocking HTM/HTML attachments in Outlook 365 is a proactive step that significantly reduces the risk of phishing attacks and malware infections.

To find out more about what you can do to protect your business, contact our Jam Cyber Security Experts!

// Need more help?

Contact our team today.



    This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

    Related Posts:

    Google Rating
    5.0
    Based on 52 reviews
    ×
    js_loader