Phishing for Office 365 logon details

Written By: Matthew James
Published On:

Over the last week or so we have noticed an increase in Phishing Emails designed to illicit the Office 365 account details from unsuspecting end users. Unfortunately we have seen a couple of end users fall for these and have allowed access to their email system to an outside agent. with these details the Phisher can do anything that you would be able to do with your emails.

Once inside, the Phisher can cause all kinds of havoc with colleagues, clients and suppliers, and all in your name. Most of the attacks that we have seen so far have been getting craftier and craftier about how they interact with your mail and are able to operate quite covertly. Get in touch with us today for IT email support to see how we can help you identify phishing emails and take back control of your email account.

EG, after scanning through your email they will select one or more targets. They will then set up a few mail rules to forward any emails from the targets email to their own temp email address, and remove the copy that would usually appear in your mail box – making it hard for you to realise there is anything amiss. From here they then start emailing your client (as you) requesting that you change the payment destination of any outstanding invoices, and carry on a fairly legible communication with the other end in an effort to illicit funds and or passwords from them.

What Causes Phishing Emails?

Entry into your office 365 account is mainly via tricking you to enter your user name and password into a website, usually linked from a fairly convincing email asking you to verify your account details, or professing that a person you know has shared a file with you, and you need to log in to view it, or that you have emails in hold and that you need to log in to release them.

The links in these emails take you to this very familiar looking website where it is all to easy to just type your password in.

Please note I captured this screen shot after Chrome had started recognising this as a phishing website, just 30 mins earlier we did not get the big red alert box shown below, or the red “Dangerous” notification in the address bar.

The best – most effective way to lessen the effect of these sorts of Phishing email is to educate staff to not click on or enter their details into any source that they do not 100% trust and recognize. We cover this,and other preventative measures in our post about email best practices

Need IT Support?

If you have any questions about email phishing, or any of our articles, please feel free to contact us. If you’re looking for Office 365 Support, we can help, get in touch today and we’ll do our best to solve your IT problems.