More organisations than ever today are opting to utilise cloud-based services. The benefits are myriad, including both enhanced scalability and drastically reduced maintenance costs, but companies need to remain vigilant against the many cyber threats, such as phishing scams specifically targeting software-as-a-service (SaaS) apps. Widely used by over 155 million commercial users on monthly subscriptions, Office 365 from Microsoft is a major target for cybercrime and companies utilising it must bolster cloud security to protect sensitive data.
Business email compromise (BEC) is an enhanced phishing attack currently on the rise. The scam involves a cybercriminal falsely claiming to be a company employee and requesting a payment for services from a legitimate member of staff. If successfully fooled, the legitimate employee wires the funds to an account named by the hacker and the theft is complete.
Cybercriminals use either a near identical address to a real employee’s (which can slip past detection) or utilise a compromised account obtained by harvesting a user’s credentials. They will then attempt to acquire another real identity to send phishing attacks via email to other employees, spreading the scope of the malicious assault. Largely unreported BEC attacks continue to thrive.
Advanced phishing tactics
Today hackers track their targets more effectively, carrying out detailed research on companies from in-house news to studying technology use and business supply chains. All information amassed is then used to hone attacks, crafting bespoke phishing assaults ever more difficult to recognise as a threat.
Attacks on Office 365 users include false notifications and requests, including security alerts and email reports claiming failure to deliver. Cybercriminals often build trust with targets over a chain of emails before making attacks strengthening the potential success of the scam.
Techniques of attack are becoming increasingly more sophisticated. Whereas before a hacker needed the victim to click on a link to trigger malicious attachments, new attacks using PowerShell have been found to activate malware when files are simply previewed in Outlook.
To avoid security defences, attacks are now being launched from trusted platforms like SharePoint, which makes them harder to identify or lock out.
Secure practices for greater defence
If your organisation subscribes to a cloud service such as Office 365, measures to counter phishing attacks like BEC should be part of your security plan. Educating your staff to identify and report attacks is essential and making rigid authentication in multiple forms mandatory on all accounts is advised, as passwords can be appropriated and cracked by hackers.
Monitoring and identifying phishing threats is vital to security. EDR (Endpoint Detection and Response) and SIEM (Security Information and Event Management) tools are invaluable to log and analyse risks and respond to attacks, shutting them down before they have an opportunity to spread.
For support and advice on employing Microsoft technology at your company, you can count on WM Reply. As specialists in collaborative platforms from Microsoft including Office 365 and SharePoint, our qualified team is well-suited to solve your business problems with smart solutions.