TIL - right to left override (RLO) handling in MS products

https://krebsonsecurity.com/2023/08/teach-a-man-to-phish-and-hes-set-for-life/

So we have a phishing campaign that uses RLO to make a file appear to be named "lme.pdf" when it actually is named "fdp.eml". That leads to a fake MS login page.

Brian Krebs noted this issue first in 2011 so it isn't new. Repeats a few suggestions near the end (don't click on links, go to the site manually) as well.