Microsoft 365 Is the Latest Phishing Target – Here’s What We Know

Many of our small business clients have taken advantage of all the features that Microsoft 365 (formerly Microsoft Office 365) has to offer. But unfortunately, even with a large name like Microsoft backing these systems, Microsoft 365 isn’t invulnerable to potential cyberattacks.

Microsoft 365 continues to grow in the number of users who trust the platform. With over 258 million users, it’s no surprise that Microsoft was the number one most impersonated brand in 2019.

Because of Microsoft 365’s popularity and its unique features, cyber hackers see these programs as a target, and recently, these criminals have found a new way to get their hands on the finances of 365 users all over the world.

Today, we’re answering the important questions surrounding this latest cyberattack.

What Happened?

Last week, reports surfaced that Microsoft security experts worked to shut down an expansive fraud campaign that reached 62 countries through malicious websites and applications.

Microsoft also went to court to seize and gain control of the domains being used in the scam, five of which had the word “office” in the name. According to Microsoft, this latest phishing scam was “a sophisticated campaign designed to trick CEOs and other high-ranking business leaders into wiring large sums of money to attackers rather than trusted parties.”

If you’re an avid reader of our blog, you might think this phishing scam sounds familiar – back in April, we discussed reports on deepfakes that were also used to deceive high-level employees into sending money to cyber hackers.

Those deepfake groups used a different tactic, relying on deepfake technology to alter their voices over the phone, while the Microsoft 365 hackers used email templates that seemed harmless, with titles and themes surrounding normal office operations like quarterly earnings reports.

Despite the contrasting approaches, the goal is still the same: infiltrate your data sources with seemingly harmless calls or emails. Their plan of attack depends on slipping innocently past both your inbox’s filter and your own judgment.

Why Microsoft 365?

As we discussed earlier, Microsoft 365 is extremely popular. An easily accessible and user-friendly platform, it encompasses many of the tools that businesses are looking for, including email, file storage, collaboration tools and productivity applications.

Two of the platform’s major features include OneDrive and SharePoint:

  • OneDrive allows businesses to store their documents or other files online in one centralized place.
  • SharePoint lets multiple team members or clients collaborate on documents at once.

Unfortunately, these two features that make Microsoft 365 attractive to businesses also make it attractive to cyber hackers. These two systems are essentially treasure troves of information for criminals, holding both valuable business and personal information. In fact, Ponemon asked businesses in 2017 how much of their sensitive data was stored in SharePoint, and the average answer was more than 50%.

By simply getting their hands on one employee’s 365 login information, a cybercriminal can:

  • Impersonate other employees
  • Access confidential documents
  • Spread login information to other cybercriminals they’re working with
  • Request money through wire transfers, gift cards, etc.
  • Encrypt files and hold them for ransom

Because businesses rely so much on their Microsoft 365 accounts to streamline their processes and hold all of their important information, cyber hackers aren’t going to give up their attempts to infiltrate these accounts any time soon.

What Can Your Business Do?

When it comes to keeping your business safe on Microsoft 365, the most important thing to remember is that it’s more than just an email platform. For many businesses, it holds some of the company’s most important data, and because of that, every security measure should be taken to keep it protected.

For example, your employees should be using safe, strong passwords they don’t use for other accounts – ones that use numbers, letters and symbols, and that don’t include personal information or even words that are found in the dictionary. You can also set a reminder for your employees to change their passwords every six months to a year.

It’s also important to stay current with any updated Microsoft releases for 365, as those updates often include security patches that will help keep your information safe.

When in doubt, follow our top cybersecurity tips any time you’re using your devices, such as:

  • Don’t click on or download email attachments from unknown senders.
  • Don’t enter unnecessary personal information online.
  • Keep your passwords off your computer or safe in a password manager.
  • Make sure your internet connection is secure.
  • Keep your antivirus programs up to date.

If you have any questions on keeping your company’s Microsoft 365 platform protected, contact Switchfast today to learn more about how we can help.