Advisory 0098-18: New Phishing Campaign Targeting Microsoft Office 365 Users
What is the Issue?
Security researchers have discovered that Microsoft Office 365 users are being targeted in a new phishing campaign. The aim of the attacks is to hijack users' Office 365 accounts and credentials.
Why is this noteworthy?
This phishing campaign takes advantage of license changes for Office 365 that are going into effect on October 2, 2018. Microsoft is extending the Office 365 Home/Personal Installation Limits. The phishing emails ask users to log into their account through the link in the email to activate the new license extensions; once they do so, their credentials are stolen. Microsoft stated that these license changes will go into effect without the need for human interaction; therefore, these emails should all be treated as suspicious.
What is the exposure or risk?
Any individual who has a Microsoft Office 365 account, or has previously had one, is at risk of being targeted. Hijacked accounts can lead to a breach, and system or sensitive data can become compromised.
What are the recommendations?
SkOUT recommends that users be extra cautious when instructed to click links or open attachments within emails. Security researchers have pointed out that in this specific campaign the sender's address and destination link do not match Microsoft, the alleged sender, at all, which is a clear indicator that the emails are phishing.
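The sender and link mismatch described above can be checked automatically. The following is an added example, not part of the original advisory or any SkOUT tooling; the trusted-domain list, the function names and the sample message are assumptions made for illustration.

```python
# Added example; allowlist and sample are constructed (example.net is reserved).
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed allowlist; adjust it to the Microsoft domains your mail really uses.
TRUSTED = {"microsoft.com", "office.com", "office365.com", "microsoftonline.com"}

def is_trusted(host):
    """True only for a trusted domain or a true subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href") if tag == "a" else None
        try:
            host = urlsplit(href or "").hostname
        except ValueError:  # malformed URL: nothing usable to compare
            host = None
        if host:
            self.hosts.append(host)

def check_message(raw):
    """Return mismatch findings for mail that presents itself as Microsoft."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    brand = (display + " " + msg.get("Subject", "")).lower()
    if "microsoft" not in brand and "office 365" not in brand:
        return []  # message does not claim the brand; out of scope here
    links = LinkCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True) or b""
            links.feed(body.decode(part.get_content_charset() or "utf-8", "replace"))
    hosts = [("sender", addr.rpartition("@")[2])] + [("link", h) for h in links.hosts]
    return [f"{kind}-mismatch:{h}" for kind, h in hosts if not is_trusted(h)]

# Constructed sample message, not taken from the campaign.
SAMPLE = """\
From: "Microsoft Office 365" <licensing@mail.example.net>
Subject: Activate your Office 365 license extension
Content-Type: text/html; charset="utf-8"

<p><a href="https://login.microsoft.com.example.net/activate">Activate</a></p>"""
```

The suffix comparison in is_trusted is what catches lookalike hosts that merely contain a Microsoft domain as a prefix; a plain substring match would accept them.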
© Copyright 2019 | Nostra | All Rights Reserved