Security Experts Warn About the Increasing Number of Office 365 Phishing Emails

How many emails do you send out every day? How many do you receive? These numbers vary from person to person, depending on their position, their social life online, their hobbies, and even their attitude towards virtual privacy. Obviously, if corresponding with coworkers, business partners, customers, and others is part of your daily routine at work, you might be receiving a ton of emails. On the other hand, you might be receiving an avalanche of emails every day only because you subscribe to every newsletter you come across, you have multiple social networking accounts, or you shop online frequently. At the end of the day, it does not matter how many emails you receive, as one single phishing email can ruin your day. Security experts are warning that more and more Microsoft Office 365 phishing emails are emerging, and you need to learn to recognize them if you want to stay safe.

What do fake Office 365 phishing emails look like?

It would be a mistake to think that every single phishing email impersonating Microsoft comes from the same attacker. One doesn't have to be a genius to create a convincing email message that might resemble one sent by Microsoft. First of all, do you remember the last time you received an actual email from Microsoft? That should not happen often, and Office 365 users should receive emails from Microsoft only when they change passwords, when suspicious activity is detected, or when other security-related issues occur. Unfortunately, these kinds of emails are the ones that users simply cannot ignore, and cyber attackers know it. This is why most phishing emails targeted at Office 365 users introduce them to alleged security problems. They might push you to reset your password, log in to identify yourself, confirm logging in from an unknown location, or simply authorize suspicious activity. Basically, phishing emails are meant to draw you in using familiar messages and requests.

To convince you that you are dealing with an official message from Microsoft, schemers make sure that the messages look right as well. First and foremost, the subject line has to look authentic, and it is easy for schemers to copy legitimate subject lines. They can do the same with the layout of the message itself by adding logos, applying a certain color scheme, or using specific wording. It is, without a doubt, most difficult for schemers to create believable email addresses, from which the phishing emails are sent. In some cases, these email addresses are completely fictitious, but believable enough. For example, might look like a normal email address, but it is obvious that it is fake because Gmail is a free email service that anyone can use to set up an account, and Office 365 and Microsoft security warnings are certainly not sent via Gmail.

Unfortunately, schemers can hijack email accounts, and that means that there is a possibility that they could hijack authentic Office 365 support email accounts too. Of course, the chances of that happening are minuscule, and schemers are most likely to operate via fictitious email accounts, so the sender's address is one thing you always want to check whenever you receive a new message.

If schemers behind Microsoft Office 365 phishing emails are successful at creating believable messages, they might successfully trick people into opening URLs, clicking buttons, opening attached files, and entering data into forms presented via these emails. Ultimately, phishing emails are set up as call-to-action tools, and the actions depend on the schemers behind them. For example, the links could route to fake Microsoft and Office 365 login pages to extract login information. Forms could be used for the same purpose as well. Attached files or buttons could be used to drop malware in a stealthy manner. Overall, the victims of these phishing scams would put themselves into risky situations by interacting with the misleading email messages.

More and more Office 365 phishing emails emerge

Did you know that 1 in 99 emails is a phishing email? That might not seem like a huge number, but it certainly is significant enough. It is far more troubling, however, that 25% of phishing attacks delivered via emails are able to bypass Office 365 security. This data was provided by Avanan in the Global Phish Report 2019. Most phishing attacks are used for the distribution of malware (50.7%) and the theft of login information (40.9%). Security firms are not the only ones noticing the trends, and even CISA (Cybersecurity and Infrastructure Security Agency) – which operates under the US Department of Homeland Security – is warning people about the dangers of phishing attacks. According to the AR19-133A report, the growing danger correlates to the growing number of organizations moving to cloud-based services, which is what Office 365 offers. It is also believed that most phishing attacks are targeted at bigger organizations and companies, rather than individual users.

How to evade Office 365 phishing emails?

You now know that you need to inspect the emails you receive carefully. Always critically assess the subject line, the message, and even the sender’s email address. If schemers are not careful enough, they might fail to imitate authentic Office 365 emails perfectly, and you might be able to unveil the scam right away. You also have to think about the logic behind every received message. Unfortunately, schemers usually know what they are doing, and it might be difficult to figure out whether a message that, for example, asks you to reset a password is legitimate or not. This is why, in a situation like that, it is always a good idea to consult with the experts. It is best to go straight to the source, which, in this case, is Microsoft.
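The sender and link checks described above can be automated for a mailbox triage script. The following is an added example, not part of the original article; the trusted-domain list, the free-webmail list and both sample messages are constructed assumptions to be replaced with your organization's own values.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: domains accepted as genuine Microsoft senders and link targets.
TRUSTED_DOMAINS = {"microsoft.com", "office.com", "microsoftonline.com"}
# Free webmail anyone can register, including Microsoft's own consumer service.
FREE_WEBMAIL = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}
BRAND = re.compile(r"microsoft|office\s*365", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def is_trusted(host):
    """Exact or subdomain match only; a substring match would accept lookalikes."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)

def review(raw):
    """Return reasons why a message claiming to come from Microsoft looks suspicious."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    if not (BRAND.search(name) or BRAND.search(msg.get("Subject", ""))):
        return []  # message does not claim the brand, nothing to compare
    findings = []
    if domain in FREE_WEBMAIL:
        findings.append(f"brand claimed but sent from free webmail: {domain}")
    elif not is_trusted(domain):
        findings.append(f"brand claimed but sender domain not trusted: {domain}")
    body = "" if msg.is_multipart() else msg.get_payload()
    for url in URL.findall(body):
        host = urlparse(url).hostname or ""
        if not is_trusted(host):
            findings.append(f"link leaves trusted domains: {host}")
    return findings

# Constructed sample messages (not real traffic).
PHISH = ("From: Office 365 Support <o365.security.example@gmail.com>\n"
         "Subject: Unusual sign-in activity\n\n"
         "Confirm your account: http://login.microsoftonline.com.example.net/reset\n")
LEGIT = ("From: Microsoft account team <noreply@accountprotection.microsoft.com>\n"
         "Subject: Microsoft account password change\n\n"
         "Review activity: https://account.microsoft.com/activity\n")

if __name__ == "__main__":
    for label, raw in (("PHISH", PHISH), ("LEGIT", LEGIT)):
        print(label, review(raw))
```

An empty result does not prove a message is genuine: the visible From address can be forged and, as noted earlier, real accounts can be hijacked, so treat this as a first filter only.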

You also want to take additional security measures to ensure that your accounts cannot be hijacked. First and foremost, set up multi-factor authentication to ensure that if someone tries to gain access to your account, they cannot get in without the second authenticator. While multi-factor authentication can be bypassed, an additional password or a security code can certainly increase the overall security. Organizations are also advised to educate their employees on the dangers of phishing attacks, as well as to employ anti-phishing technologies. It is also important to understand what action must be taken if a phishing attack is successful. If Office 365 accounts are breached, the first step is always to change passwords to prevent schemers from taking them over. Needless to say, setting up strong passwords is crucial.

June 19, 2019