Last month, Microsoft’s Security Intelligence team alerted Microsoft 365 users and administrators about a clever new phishing campaign. It uses spoofed sender addresses and display names, fake SharePoint file share requests, and even approximations of Microsoft logos to try to slip past cybersecurity defenses.
As with most phishing attempts, the goal is to convince unsuspecting users to click a legitimate-looking URL that instead redirects to an attacker-controlled site. That site harvests user credentials and can also deliver malicious software to the user’s computer or, worse, to an entire office’s connected network.
In a statement, Microsoft said, “An active phishing campaign is using a crafty combination of legitimate-looking original sender email addresses, spoofed display sender addresses that contain the target usernames and domains, and display names that mimic legitimate services to try and slip through email filters.” The tech giant quickly moved to stifle the phishing attempt targeting its estimated 50 million+ users of Microsoft 365.
But if cybersecurity trends in 2021 are any indication, attempts like this will continue to increase in both frequency and sophistication. The focus on “file share request” links in spoofed emails is common, but security experts say the use of Microsoft logos and lookalike domains that differ by a single character (think user@microsofl.com instead of user@microsoft.com) is particularly worrisome.
Deploying layered cyber defenses is critical: if one control fails, another can still stop the attack.
Many cybersecurity strategies place security awareness training last. But in the case of this latest Microsoft phishing campaign, it is paramount, because it teaches users to recognize the ways cybercriminals will try to trick them. The tactical goal is to make users stop, read, and think carefully before replying to an email or clicking any link in it, even when the message looks legitimate. This type of ongoing education can serve as the first line of defense against fraud, ransomware, data breaches, and other cybersecurity incidents.
These are crucial components of step one, but because of their importance, it’s useful to break them down:
Company-wide Internet filtering and mail traffic analysis can stop some phishing attempts before they reach users, while sandboxes that detonate attachments in isolation before delivering them to the inbox add another layer to the IT toolbox. In addition, employers should tell their employees in advance when, and from whom, any critical communications will arrive, so they can separate real emails from fake ones. Notifying IT support staff (whether internal or external) when obvious phishing attempts do land in an inbox also reduces the future risk of fraud or infection, because the sender, domain, and link can be blocked for everyone. Even the best technology requires smart, savvy human beings whose insight and judgment help the systems work properly.
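The filtering described above, and the spoofing tricks Microsoft called out earlier (display names that mimic a service, display names that contain the target’s own address, and one-character lookalike domains), can be turned into a simple triage rule for inbound mail. The following is an added example written for this article; it is not code from Microsoft, CMIT Solutions, or the original post. The From headers, the protected domain list, and the brand words are constructed assumptions, and the "contoso.example" domain stands in for a hypothetical customer’s own domain.

```python
import re
from email.utils import parseaddr

# Assumed configuration (hypothetical): domains we accept mail from unchanged,
# and service names an attacker is likely to impersonate in a display name.
PROTECTED_DOMAINS = {"microsoft.com", "sharepoint.com", "contoso.example"}
BRAND_WORDS = {"microsoft", "sharepoint", "office 365", "onedrive"}

# Constructed sample From headers; none come from a real message.
SAMPLE_FROM_HEADERS = [
    "Microsoft SharePoint <noreply@sharepoint-files.example>",  # service name, unrelated domain
    '"alice@contoso.example" <attacker@mailer.example>',        # target's address as display name
    "IT Helpdesk <it@contoso.example>",                         # legitimate internal sender
    "Microsoft <user@microsofl.com>",                           # lookalike domain from the article
    "Alice <alice@contoso.example>",                            # legitimate internal sender
]

ADDRESS_RE = re.compile(r"[\w.+-]+@[\w.-]+\.\w+")


def levenshtein(a: str, b: str) -> int:
    """Edit distance between two strings (insert/delete/substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_protected(domain: str) -> bool:
    """True if the domain is, or is a subdomain of, a protected domain."""
    return any(domain == p or domain.endswith("." + p) for p in PROTECTED_DOMAINS)


def lookalike_domain(domain: str, max_distance: int = 1):
    """Return the protected domain this one imitates, or None."""
    if is_protected(domain):
        return None
    for protected in PROTECTED_DOMAINS:
        if levenshtein(domain, protected) <= max_distance:
            return protected
    return None


def analyze_from(header: str) -> list:
    """Return a list of findings for one From header (empty means nothing suspicious)."""
    display, address = parseaddr(header)
    domain = address.rsplit("@", 1)[-1].lower() if "@" in address else ""
    findings = []

    # 1. The display name carries an e-mail address whose domain differs from the
    #    real sender's domain (the "target username and domain" trick).
    for embedded in ADDRESS_RE.findall(display):
        if embedded.rsplit("@", 1)[-1].lower() != domain:
            findings.append("display-name-contains-address")
            break

    # 2. The display name names a service, but the mail does not come from that service.
    if any(brand in display.lower() for brand in BRAND_WORDS) and not is_protected(domain):
        findings.append("brand-in-display-name")

    # 3. The sender domain is one edit away from a domain we trust.
    target = lookalike_domain(domain)
    if target:
        findings.append(f"lookalike-domain:{target}")

    return findings


def triage(headers) -> dict:
    """Map each header to its findings so a filter can quarantine or tag flagged mail."""
    return {h: analyze_from(h) for h in headers}


if __name__ == "__main__":
    for header, findings in triage(SAMPLE_FROM_HEADERS).items():
        print(f"{'FLAG' if findings else 'ok  '} {header} {findings}")
```

Edit distance alone is a coarse test: a production filter would also normalize homoglyphs (for example a Cyrillic letter standing in for a Latin one), check the SPF and DMARC results that the receiving mail server records, and tag or quarantine the message rather than silently drop it, so that users and IT staff can still report what they see.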
At CMIT Solutions, we help thousands of businesses in countless industries across North America spot and stop phishing emails before they can infiltrate IT systems or steal valuable data, strengthening their cyber defenses and email security.
If you’re worried about phishing campaigns or have identified illicit messages making it into your inbox, contact CMIT Solutions today. We defend your domain and your data while empowering your employees to take email security more seriously.