Cybersecurity Awareness Month: Office 365 Phishing Attempts

"Do Your Part" and #BeCyberSmart this Cybersecurity Awareness Month! You can use this month to ensure your company has the most up-to-date training to keep everyone safe! COVID-19 has presented many changes in the workplace, and as we continue to navigate through uncertain times, cyber threats continue evolving.

A recent phishing attempt that is circulating through many inboxes involves Office 365. Like many other phishing attempts, this email will look like it is being sent by a coworker or, most likely, the employee's boss. Scammers know that an employee will often react quickly to an email from their boss without verifying its validity. For example, if the boss's email is ceo@company.com, the scammer may use the email ceo@c0mpany.com to imitate an email you and your employees would trust at first glance. While this form of phishing has been used before, a newer and more strategic tactic is a scammer using the exact domain of a company you may trust. For example, earlier this year, an email from a scammer went out with the World Health Organization’s exact domain address. With a simple Google search, a recipient of this email could verify that who.int is the correct email domain for the World Health Organization; however, with proper training, many individuals could spot red flags in the email and notice that it is a scam.

The recent Office 365 phishing attempt will claim that someone within your organization has sent a document that needs to be opened in Office 365. Once the link is clicked, the employee will be asked to log in to their Microsoft Office 365 account. Once they type in their username and password, the scammer will have enough information to hack into other Microsoft Office programs as well. Accounts that can become vulnerable could include Outlook, OneDrive, OneNote, and other programs that could contain personal and company information. A recipient of this type of email should be aware of the indicators that this is a scam. If the link clicked immediately takes the recipient to a login screen, the email is most likely a scam. A recipient should never enter their login email unless the email has been verified.

While the best practice to follow when receiving these emails is to delete them immediately, some employees may be tempted to proceed if they feel the message is urgent or unsure if the email is their boss or a scammer. While deleting the email is always best, an employee could contact the employee or boss labeled as the sender. It is best to type up a new email or pick up the phone and call the sender to confirm the email before clicking on a link that could endanger the employee's personal information and the company's confidential information. 

At Symmetry Software, we care about your company's online safety! In honor of National Cybersecurity Awareness Month, we want to make sure you and your employees recognize the recent and most threatening scams. You can "Do Your Part" by visiting the Cybersecurity and Infrastructure Security Agency website to download their National Cybersecurity Awareness Month resources and more!