MS Office 365 is one of the tools used by almost every business organization, regardless of whether it is big or small. It is a multi-system platform that combines functions like email, data storage, collaboration, and seamless integration of productivity applications such as OneDrive and SharePoint.

All these tools are, without doubt, valuable to the users and organizations as it smoothens the functioning of the business. However, such a bulk of user data online at one place makes MS Office 365 a mouthwatering target for phishing scams too.

Phishing Scams Targeting MS Office 365 Accounts

Phishing attacks have become much more sophisticated than in the past. The attackers have become more innovative and relentless. Today, they initiate more dynamic phishing attacks than ever. Therefore, it has become necessary to keep oneself updated about the latest scams. By learning about phishing scams, one can employ phishing prevention best practices and anti-phishing solutions to avoid becoming a victim. Here are some recently detected Office 365 phishing scams.

Attack Using A Voice Message

In this attack, the user receives a notification of MS Outlook indicating they have received an email. The subject line will look legitimate, saying, “Incoming: You received a voice message from +***** (contact number) -200 seconds.” The contact number will seem realistic, and the domain address will also look like an authentic Microsoft address. The sender’s name will say “Voice-mail service” in Outlook. The email will contain a phishing link, and the user will be asked to click on it to hear the voice message. And the link takes them to an authentic-looking Microsoft login screen, though it will be a fake one. The fake login page is a trick to steal the user’s MS Office 365 login credentials.

There is an alternative version of this phishing attack too, where the link directs the user to a PDF hosted on an already compromised SharePoint phishing site. In some cases, the phishing link present in the voicemail message contains malware.

Attacks Creating A Sense Of Urgency

In this scam, there is a message with the subject line indicating ‘urgent,’’ final notice,’ ‘immediate action required,’ or something similar, creating an urgency. These messages could be about updating account credentials or any payment information. As the message’s subject line seems critical, users tend to open it and do what the email says. The link present in the message takes the user to a malicious website and then tricks them into sharing their Office 365 credentials.

It could be a multi-phase attack in which the malicious actor can use the information in conducting lateral attacks within their organization. Hence, for phishing protection, one should always check and verify the email and its sender first, however urgent the message could be.

File-Sharing Attack

MS Office 365 offers seamless integration of OneDrive and SharePoint. Hence, malicious actors use these efficient file-sharing tools to spread malware and compromise user data. In this phishing scam, users receive a file-sharing notification from a familiar name. On clicking the link in the message, it will direct them to a fake OneDrive login page to compromise their account credentials. The user will be filling in their credentials on a fake site.

The malicious actors even upload malware or credential-grabbing files on OneDrive or SharePoint by creating a free Office 365 account. Then, they share such malicious files with the victim and ask them to edit the files. They can then compromise the user data.


How To Stay Secure From Such Phishing Scams?

There are some simple measures that a user can take for phishing prevention:

  • Always Keep The Software Updated: Microsoft releases software updates from time to time to make the application safer and more efficient. Microsoft’s latest updates include algorithms, programs, and ATP anti-phishing capabilities to detect phishing emails and impersonation successfully.
  • Disable Hyperlinks In The Received Emails: As discussed above, malicious actors can use links to phishing websites for tricking users. Hence, it will be wise to use the in-built security feature of Office 365 for disabling all the hyperlinks received through emails.
  • Take A Close Look At The Domain: Before hurrying to the message’s body, one should always check the sender’s domain name first. The sender may claim to be from a legitimate source, but it isn’t easy to perfectly spoof a domain name. The fake domain name could be closer to a legitimate one but can’t be precisely identical. Hence, if the domain name looks fishy, there can be a higher probability of malicious intent.
  • Always Check the Link: Before clicking on a link in the message, hover your mouse cursor over it. It will allow you to see the actual URL under the link. Only click the link if it’s authentic. If there is something suspicious with the link, one must verify its authenticity by some other means, like contacting the original domain directly.
  • Be Well-aware And Well-trained: Opening a malicious link by even one employee can make the whole organization vulnerable to a phishing attack. Hence, employees must undergo phishing awareness training programs to educate themselves on every aspect of phishing. Organizations must conduct such training and awareness sessions regularly.


Final Words

Phishing scams are now more well-organized and targeted than ever. By learning about the latest MS Office 365 phishing scams and anti-phishing measures, one can protect precious data from being stolen and compromised. Organizations must take earnest steps to educate and train their employees on how to detect such a phishing attack and stay clear of its threat.