Microsoft Warns of Tricky O365 Phishing Attack

If you are an organization that uses Microsoft Office 365 as your email platform, be on the lookout for a tricky new phishing attack recently used by cyber criminals. Microsoft has issued an alert to its customers warning them of the new attack, which merits mention to your users.

The phishing scheme is designed to use convincing emails, a legitimate-looking SharePoint site, and “a crafty combination of legitimate-looking original sender email addresses, spoofed display sender addresses that contain the target usernames and domains, and display names that mimic legitimate services to try and slip through email filters.”

According to the alert, “The original sender addresses contain variations of the word ‘referral’ and use various top-level domains, including the domain com[.]com, popularly used by phishing campaigns for spoofing and typo-squatting.”

The emails reportedly use SharePoint in the display name to make users believe they are being asked to join a secure SharePoint site. They pose as a site for bonuses, staff reports or other links that curious users may be duped into opening, which then navigate to the phishing page without the user’s knowledge.
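The sender traits described in the alert can be checked against message headers in a mail filter or triage script. The following is an added example, not Microsoft's detection logic: it assumes the original sender is exposed in `Return-Path` and the display sender in `From`, and the regex for "referral" variations and both sample messages are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed pattern for "variations of the word 'referral'"; the alert gives no exact strings.
REFERRAL_RE = re.compile(r"ref+er+al", re.IGNORECASE)

# Constructed sample messages (not taken from the alert).
SUSPICIOUS = "\n".join([
    "Return-Path: <referral@mail-example.com.com>",
    'From: "SharePoint Online" <alice@contoso.example>',
    "To: alice@contoso.example",
    "Subject: Staff Reports", "", "Open the shared file."])
BENIGN = "\n".join([
    "Return-Path: <bob@contoso.example>",
    'From: "Bob" <bob@contoso.example>',
    "To: alice@contoso.example",
    "Subject: Lunch", "", "Noon?"])

def phishing_signals(raw_message: str) -> list[str]:
    """Return the indicators from the alert that this message matches."""
    msg = message_from_string(raw_message)
    _, envelope = parseaddr(msg.get("Return-Path", ""))
    display_name, shown = parseaddr(msg.get("From", ""))
    _, recipient = parseaddr(msg.get("To", ""))
    envelope, shown, recipient = envelope.lower(), shown.lower(), recipient.lower()
    rcpt_user, _, rcpt_domain = recipient.partition("@")
    shown_user, _, shown_domain = shown.partition("@")
    env_domain = envelope.rpartition("@")[2]

    signals = []
    if REFERRAL_RE.search(envelope):
        signals.append("referral-in-original-sender")
    if env_domain == "com.com" or env_domain.endswith(".com.com"):
        signals.append("com.com-sender-domain")
    if "sharepoint" in display_name.lower():
        signals.append("sharepoint-display-name")
    # Display sender reuses the target's username or domain while the
    # original sender belongs to a different domain.
    mimics = shown_domain == rcpt_domain or (rcpt_user and rcpt_user in shown_user)
    if envelope and rcpt_domain and env_domain != shown_domain and mimics:
        signals.append("display-sender-mimics-recipient")
    return signals

if __name__ == "__main__":
    for name, raw in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(name, phishing_signals(raw))
```

Any single signal is weak on its own; the combination the alert describes (several signals on one message) is what makes a message worth quarantining or reviewing.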

Microsoft continues to urge O365 users to implement multi-factor authentication on all accounts. User education continues to be an important tool to combat successful phishing campaigns, and keeping users informed of the newest scams gives them the ability to protect company data.