SharePoint used to outflank secure software from Symantec

FOCUS ON: SharePoint, Antiphishing, cybersecurity

A campaign of phishing attacks is using the online platform SharePoint to bypass the Symantec Corporation’s secure email gateway.

A bespoke phishing campaign built for the purpose of getting around the security software provider’s email gateway, by utilising documents that are shared through SharePoint, is zeroing in on potential targets in the banking sector.

SharePoint vulnerability

Developed by Microsoft as a cloud-based service for both storage and file synchronisation, SharePoint can unfortunately also be an asset to malicious phishing campaigns. Researchers from cyber security awareness experts Cofense have stated that using business services such as SharePoint comes close to guaranteeing that phishing URLs will be sent successfully to their intended targets.

Cofense outlined that the process begins when phishing emails are sent out from a compromised email account, asking the recipient to examine a document by opening a URL embedded in the email. The URL is wrapped by Symantec’s own protective Click-time URL, and the recipient is redirected to a compromised account in SharePoint.

Effectively, SharePoint acts as a very efficient delivery service which outflanks the secure email gateway and launches the secondary attack by getting the malicious URL to its intended recipient.

Once past the email gateway, the URL embedded in the body sends the victim to a compromised site in SharePoint where a malicious document in OneNote is displayed. The document is purposefully difficult to read, encouraging the target to download it. Once the user clicks on the link, they’re sent to the main phishing page, which gathers their credentials.

The phishing page is designed to resemble the OneDrive for Business log-in portal to fool the recipient, and it offers two options for authentication: Office 365 personal log-in credentials or another email provider.
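For defenders triaging mail that matches this pattern, the sketch below is an added example (not from Cofense, Symantec or WM Reply) that unwraps a click-time-wrapped link and flags SharePoint destinations outside the organisation's own tenants. The wrapper host, the `u` query parameter, the tenant names and the sample links are assumptions or constructed values; adjust them to your gateway and tenancy.

```python
from urllib.parse import urlsplit, parse_qs

# Assumption: the gateway rewrites links to this host and carries the
# original URL, percent-encoded, in a "u" query parameter.
WRAPPER_HOSTS = {"clicktime.symantec.com"}
WRAPPER_PARAM = "u"
# Assumption: the SharePoint Online tenants your organisation actually uses.
TRUSTED_TENANTS = {"contoso.sharepoint.com", "contoso-my.sharepoint.com"}


def unwrap(url, max_depth=3):
    """Return the link behind a click-time wrapper (handles nested wrapping)."""
    for _ in range(max_depth):
        parts = urlsplit(url)
        if (parts.hostname or "").lower() not in WRAPPER_HOSTS:
            break
        inner = parse_qs(parts.query).get(WRAPPER_PARAM)
        if not inner:
            break  # wrapper without a recoverable target: leave as-is
        url = inner[0]  # parse_qs has already percent-decoded the value
    return url


def classify(url):
    """Label one link from an email body and return (label, real_target)."""
    target = unwrap(url)
    host = (urlsplit(target).hostname or "").lower()
    if host.endswith(".sharepoint.com"):
        if host in TRUSTED_TENANTS:
            return "trusted-sharepoint", target
        # Wrapped by the gateway, hosted on someone else's tenant:
        # the delivery pattern described in the article.
        return "external-sharepoint", target
    return "other", target


def triage(urls):
    """Return only the links that need analyst review."""
    return [t for label, t in map(classify, urls) if label == "external-sharepoint"]


# Constructed sample links (not real indicators).
SAMPLES = [
    "https://clicktime.symantec.com/a/1/TOKEN?u=https%3A%2F%2Ffabrikam-my.sharepoint.com%2Fshared%2FEXAMPLE",
    "https://contoso.sharepoint.com/sites/finance/report.docx",
    "https://sharepoint.com.example.net/login",
]
```

Because the wrapper shows the gateway's own domain to the recipient, the check has to run on the unwrapped target rather than on the URL as it appears in the delivered message.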

Creative and highly targeted attack strategies

Following download of the files from the compromised server, the credentials taken by the fake form are then posted using login.php. The collected credentials are then forwarded by login.php in an email to a Gmail account, which experts assume is most likely compromised as well.

The attacks are cleverly designed to bypass Symantec security gateways and are well-aimed to snare specific recipients.

The Vice President of solution engineering for OneLogin, the cloud-based identity management company, said these attacks are yet another example of the sophistication and creativity shown by malicious actors and commented:

"Attackers know that a significant number of organisations are not taking a strong enough stance when it comes to access security. Once they have a set of valid credentials, it is easy to compromise corporate applications, particularly SaaS Apps including HR Systems, File Storage Services and CRMs."

If your company uses collaborative software platforms like SharePoint and Software as a Service (SaaS) options such as Office 365, it’s vital you keep your set-up secure and well maintained. At WM Reply we’re experts in using Microsoft technology to its full potential to help businesses achieve their ambitions. From startups and Small to Medium Enterprises (SMEs) to large companies with extensive communication networks, we can assist you. Our speciality lies in creating bespoke solutions tailor-made to your individual needs, so for advice and support, don’t hesitate to contact our professional team.
