Office 365 has become one of the most used cloud services; according to a report, 56% of businesses using cloud services prefer to use Office 365. Well, it seems like that this popular cloud service has now come into the radar of cybercriminals.
Since hackers are always on the look of attacking business, it is apparent that are readily finding new ways to bypass office 365 protections; as a result, a lot of office 365 users are getting phishing emails delivered to their inboxes.
What are hackers up to?
A large scale phishing campaign is being conducted with the help of voicemail scam pages. This phishing tactic might be implemented to harvest the user’s credentials.
The users receive an email informing them that they have missed a phone call and asks the users to sign in into their Office 365 accounts and access their voicemail. They may even attach some fake audio of someone speaking to convince you that the mail is legitimate.
An html page is attached to it which automatically (on being clicked) redirects you to the phishing page. To appear more genuine, the page would ask you for a password which is a trick because they want you to enter your password into phishing page. Upon entering the password, you come across a successful login page; you would be redirected official Office.com login page.
The three Phishing Kits
According to the researchers, three kits – Voicemail Scmpage 2019, Office 365 Information Hollar, and an unbranded kit – are aimed at extracting the useful information such as the victim’s email address, password, IP, address and location all would be extracted by the hacker.
McAfee Researchers Oliver Devane and Rafael Pena have mentioned in their blog post, “As explained in the introduction, we were surprised to observe three different phishing kits being used to generate malicious websites. All three look almost identical but we were able to differentiate them by looking at the generated HTML code and the parameters which were accepted by the PHP script.”
A wide range of industries are falling into the traps of the hackers. The main targets are from the financial and IT services fields. Many high profile companies have also fallen into the traps of the hackers.
McAfee has advised all its users to use two-factor authentication while the enterprise users have been asked to block .html and .htm attachments to the legal gateway level to stop the users falling into the cybercriminals’ trap.
The users are now supposed to be vigilant to save their useful details. Make sure that you are not opening attachments from unknown senders; even if you do it by chance, ignore it at once. Avoid using the same password for all the services. Keep changing your passwords every two to three months. The businesses that are using Office 365 need to be extra careful and make sure that their email security defenses are up to the mark, capable to detect and block advanced phishing threats. They can use Office 365 ATP to avoid these threats.
Do you have any more suggestions regarding the measures to be safe from Office 365 phishing scam?