Latest phishing strategy pinpoints hacked SharePoint users

FOCUS ON: SharePoint, Antiphishing

Cyber attackers are slipping through the net of email filters under the guise of SharePoint user accounts they’ve compromised.

A new and dangerous phishing threat has recently been revealed that uses hacked Microsoft sites and documents in SharePoint and OneNote to hoodwink would-be victims in the banking industry into visiting landing pages set up by cybercriminals.

Targets acquired by cyberattacks

The criminal minds behind the cunning campaign have selected Microsoft’s online SharePoint platform as their target for a specific reason. The collaborative software uses domains that secure email gateways are known to overlook, which allows attackers to get phishing messages into users’ inboxes undetected. After a SharePoint account has been compromised, the cybercriminals use it to send emails to their intended victims. The emails take the form of a request to the recipient to read a proposal from a legal assessor through a URL embedded in the message.

Phishing threats uncovered

This latest phishing strategy was found by researchers at security specialist service Cofense. In a recent blog post, they commented on why phishing tactics prove so effective. They cite the sheer volume of attacks, which includes one trillion emails sent to victims each year, often using an imitation of a DocuSign document to trick users into giving up private and secure details.

Cofense commented on the weakness of SharePoint regarding secure email gateways:

“SharePoint is the initial delivery mechanism to deliver a secondary malicious URL, allowing the threat actor to circumvent just about any email perimeter technology.”

The URL embedded in the message directs users to a cybercriminal-controlled site in SharePoint. Once there, they find a fake but highly plausible OneNote document, designed to be difficult to read in order to further confuse the victim, which asks them to download the complete version instead by using the embedded link supplied. Once used, however, this link actually directs bank personnel to an attacker-controlled phishing page.

Once there, intended victims view a page imitating the official OneDrive for Business login page. Above the sign-in form, they’ll see a disclaimer that states the document is secure and invites them to log in to edit, download or view it. If the target logs in, their credentials are instantly collected by the cybercriminals.

If your company currently uses Software as a Service (SaaS) products from Microsoft like Office 365 or its collaborative platforms such as SharePoint, we can help keep you secure. At WM Reply, our expertise lies in using Microsoft technology to solve your business problems. We develop agile and bespoke solutions to benefit your business and ensure your intranet is running effectively and safely. To stay at the forefront of your industry, you’ll need all your people working together at the top of their game with the latest technology to carry out your task. To find out how we can help your business, contact our team today for advice and assistance.
