Technology Blog »

Office 365 Targeted Spear-Phishing Attacks

New Office 365 Targeted Spear Phishing

Cyber criminals are carrying out a new and highly customized, targeted spear-PHIshing campaign to steal your Office 365 users' credentials and attack organizations internally.

Get yourself informed and read on.

What Makes this Different from other Phishing Attacks?

This new spear phishing attack is an old familiar method in which hackers send emails that purport to be from trusted sources, duping you into disclosing sensitive information. In this particular attack, the email messages are admirably well-crafted, making them even harder to spot.

The emails are also rid of the usual telltale signs such as misspelled words, suspicious attachments, and dubious requests. You might have to recalibrate what you know about phishing scams, because this new threat ticks all the boxes that make it look legitimate.

How Does it Work?

The hackers behind the attack craft personalized messages, pretending to be from trusted sources, such as your colleagues or Microsoft itself, and send them to your inbox. The messages could contain a link or a PDF file that leads to a legitimate-looking landing page. Upon clicking the link, the user will be prompted to enter his or her credentials, which the hacker will use to launch attacks within the organization.

Once they gain control of your account, they might set up new forwarding rules to monitor your communication patterns, which will be useful for their future attacks. They might even use your account to send further phishing emails to your co-workers to collect more sensitive information.

As for the phishing emails with PDF attachments, there will be instructions to fill in username and password to view the document. And once you do, your account is no longer yours.

Another way they can get your credentials is by sending an invoice that requires you to log on to a web portal to view the file. Attackers can also use this technique to trick you into performing a certain action, such as forwarding sensitive information or paying an invoice.

What can you do to Protect or Secure your Email from this new Phishing Attack?

  • Multi-Factor Authentication: Enable multi-factor authentication aka(2FA), whereby you use a password and another authentication method -- like an SMS code -- to secure your account. This function is already included in Office 365 and here's a step-by-step guide on how to activate it.
  • Training: Train yourself and your employees to spot common phishing techniques. In particular, verify the accuracy of the wording and the sensibility of the requests in the messages.
  • DMARC: For good measure, your organization can also install an email-validation system which is designed to detect and prevent email spoofing, such as the Domain-based Message Authentication, Reporting and Conformance (DMARC)

Identifying phishing emails and planning and implementing a robust defense system are ways to protect you and your organization against the new Office 365 threat. For tips on how to spot this type of scam and how to plan thorough security practices, contact our experts today.