New Office 365 cyberattack on the loose

Phishing scams disguise malicious links and emails as messages from trusted sources. The most recent scam to watch out for almost perfectly imitates a trusted invitation to collaborate through Microsoft SharePoint. It is a three-step attack that is easy to avoid once you know how it works.

Step 1 – Invitation to collaborate email

The first thing victims receive is an email that looks identical to a sharing notification from Microsoft's file-sharing platform, SharePoint. It reads along the lines of "John Doe has sent you a file, to view it click the link below…"

In most cases the sender is an unfamiliar name. However, some attackers research your organization first so that the sender and the shared file look plausible.

Step 2 – Fake file sharing portal

Clicking the link opens a file genuinely hosted on SharePoint that looks like yet another invitation from a Microsoft app, usually OneDrive, with a single link to "open" the document. This is a big red flag: there is no legitimate reason to send an email whose link leads to a page containing nothing but another link.

Step 2 is what lets the attackers get past Outlook's security scans. Outlook checks the links inside the email itself for possible phishing, and the link in Step 1 points at a real SharePoint page, so it passes. What Outlook's current features cannot do is scan the text inside a file that the email merely links to, and once you have opened that file, SharePoint has almost no way to flag the suspicious link it contains.

Step 3 – Fake Office 365 login page

The malicious link in Step 2 leads to an almost perfect replica of the Office 365 login page, hosted and controlled by whoever sent the email in Step 1. If you enter your username and password on this page, the attacker has your credentials, and your Office 365 mailbox and documents, along with anything else that account can reach, are compromised.

Microsoft ships a great many anti-phishing features, and a fix for this particular trick may well be on the way. Until then, you can stay safe with these simple rules:

  • Check the sender's address every time you receive an email. A lookalike domain with a digit one standing in for a letter is easy to miss at first glance.
  • Confirm with the sender, through a channel other than the email itself (a phone call or an address you already know), that they really shared the file and that the links inside it are theirs.
  • Open cloud files by typing the service's correct address into your browser and checking your sharing notifications there, rather than following the link in an invitation.
  • Double check a site's URL before entering your password. A zero can look very similar to the letter 'o' (e.g. 0ffice.com/signin).

Third-party IT solutions exist to prevent these types of scams, but setting them up and keeping them running requires a lot of time and attention. Give us a call today for information about our unlimited support plans for Microsoft products.



Steve Gaharan
COO at CPTech LLC
I'm the COO of CPTech, LLC, a locally, privately owned IT consulting firm located in Dallas, TX. About 4 years ago the dangers of data breaches and cybercrimes scared me to death, and I realized I needed to not just focus on superior IT services but to become a cyber security expert, not just for my clients' data alone but for their computer networks as a whole. Every day I read about compromised data and how widespread the problem is, and I know that the decision to stay on top of the ever-changing lava-lamp appearance of threats is the best decision I have made. We offer customized, budget-friendly IT solutions and act as the IT department for small to large companies. We can also work alongside your current IT department to give an outsider's opinion on how your IT infrastructure is configured. But if you are looking for a results-driven professional, leading a team of professionals, with a focus on security, data protection, and helping solve the problem, then we have you covered.