The hunt for Office 365 accounts

The current surge in remote working has raised cybercriminal interest in Office 365, one of the most common cloud collaboration  www.mcafee.com/activate product key platforms.The basic scheme is simple: Cybercriminals lure a company employee to a fake www.mcafee/activate Office 365 login www.mcafee.com/activate download page and persuade them to enter credentials. In other words, it is phishing. The specific methods mcafee.com/activate product key by which the attackers try to get usernames www.mcafee.com/activate and passwords differ, but here are the most common tricks of the trade.

Fake Teams messages

As a rule, when attackers send an e-mail message meant to look like a Microsoft Teams notification, they stress urgency, www.mcafee.com/activate product key hoping the recipient won’t take a minute to note any irregularities. So, the general thrust may be something about an urgent deadline, for example, leading the victim to click the Reply in Teams button  www.mcafee/activate and end up on a fake login page.

If the attackers did their homework, the mcafee.com/activate product key name and picture of a real colleague will be in the notification www.mcafee.com/activate, which might look something like an internal BEC, but more commonly, it will be some abstract person. The cybercriminals’ calculation is also that the victim’s anxiety about someone unfamiliar having such an urgent matter will force a click on the button.

Delivery failure notification

Another fake problem crafted to instill a sense of urgency in the recipient is an alleged delivery failure, for example due to an authentication error. In this case, the victim was meant to click through to pick up a message mcafee.com/activate product key, but www.mcafee.com/activate download the attackers were lazy and failed to create a plausible Office 365 login page.

Of course, next time they might make a more convincing fake, in which case the recipient would have to fall back on other means www.mcafee.com/activate product key of idenfying phising. It’s worth noting that senders, not recipients, get delivery failure notices — if the server were able www.mcafee/activate to identify the intended recipient, then it would deliver the message properly!

Full mailbox notification

Warning a victim of dire consequences — in this case, the horrible prospect of an undelivered message — the full mailbox notification is simply another aspect of herding workers into a panicked error. The choice it presents www.mcafee.com/activate is to delete or to download the messages. Most people will opt for the latter and click the bait, a “Click here” button.

Note that in this case the attackers www.mcafee.com/activate product key made some effort, inserting a paragraph in the е-mail about the company’s social responsibility in light of the pandemic, although they didn’t bother mcafee.com/activate product key with even minimally convincing business English www.mcafee/activate. Again, reacting out of panic can cause people to overlook the signs of a fraudulent communication.

Password expiry notification

Changing a password is a fairly common www.mcafee.com/activate download procedure. Your company policy should require it regularly, and security may request it as a precaution against a possible leak. And, of course, when you set a new password, you have to www.mcafee.com/activate provide the old one. Therefore, password-change requests are a staple of phishing е-mails.

How to avoid getting hooked

Remember that account details unlock www.mcafee.com/activate product key not only the ability to send е-mails mcafee.com/activate product key from an employee’s address, but also access to all information accumulated in the mailbox. Any page requesting work account credentials deserves www.mcafee.com/activate scrutiny, even if —especially if — you’re experiencing pressure to get things done fast. Two essential pieces www.mcafee/activate of advice are all you need, here:

  • Always check the address of any page asking for credentials. Depending on the service, legitimate login pages might include microsoftonline.com, outlook. www.mcafee.com/activate downloadoffice.com, onmicrosoft.com, or your company domain name.
  • Deploy a robust security solution mcafee.com/activate product key company-wide www.mcafee.com/activate product key that blocks such phishing е-mails.

Comments

Post a Comment

Popular posts from this blog

Introducing tracking prevention, now available in Microsoft Edge preview builds

Image
Today, we’re releasing an experimental preview of tracking prevention for Microsoft Edge. We features of build microsoft edge as one of the concepts we’re exploring www.mcafee.com/activate product key to offer greater transparency and control over your online data . Microsoft Edge Insiders can www.mcafee/activate now try out tracking mcafee.com/activate product key prevention by enabling the experimental flag on Microsoft Edge preview builds starting with version 77.0.203.0 (today’s Canary channel release).  (Note: Today’s Canary release www.mcafee.com/activate download is not currently www.mcafee.com/activate available for macOS due to a build issues. Tracking prevention will be available in the next update to the Canary channel on macOS.) Tracking prevention is designed to protect you from being tracked by websites that you aren’t accessing directly. Whenever a website is visited, trackers from other sites may save information in the browser ww...
Read more

Why businesses need to back up

Image
For almost any business, information is critical: documents, contacts, contracts, correspondence, accounts, and so on. Modern technologies help not only to manage business-critical data  www.mcafee.com/activate product key , but also to lose  www.mcafee/activate  it in the blink of an eye. For most companies, losing access to data means the suspension  www.mcafee.com/activate download  of all business processes  mcafee.com/activate product key , inevitably leading to lost profit, damage to reputation, and recovery costs. Rest assured, there is no shortage  www.mcafee.com/activate  of data loss scenarios out there waiting to happen — and almost none of them has anything to do with the quality of your equipment. Here are just a few. Ransomware An employee might click a malicious file downloaded from the Internet or an attachment in an e-mail sent by cybercriminals. Doing so doesn’t just encrypt data on the local machine; ransomware has a nasty habi...
Read more

Hackers and their motives

Image
It's  true that recent  www.mcafee.com/activate cyber attacks have ranged from the catastrophic effects of   that paralyze corporate mcafee.com/activate product key and urban functions www.mcafee.com/activate product key to  data www.mcafee/activate breaches that expose millions www.mcafee.com/activate download of customers. , I don't hear much about hackers themselves.  Not surprisingly, many  www.mcafee.com/activate hackers hide their identities because of their criminal activity www.mcafee.com/activate download.  But you might be surprised to find that not  www.mcafee/activate all hackers are bad.  There are all kinds of hackers in the www.mcafee.com/activate product key rapidly evolving field of technology.   The hacker's actions and their purpose are shown below.   White Hat Hacker: A   justice hacker and computer security expert who specializes in penetration testing and other technique...
Read more