We are seeing an increase in email phishing attempts, particularly against Office 365 users. Unlike the old-school, easy-to-spot methods, the new tactics are much harder to spot.
Fake encrypted emails
The first of the two big ones is the fake encrypted email, which requires you to log in, much like a real encrypted email. Some of the links go to an obviously bad website (easier to spot), but others are more complicated. Some links can be SSL secured, and even Microsoft owned. You will notice, however, that the link is not an office.com address.
Malware hosted on trusted Microsoft sites
The other fake is even more sophisticated: it uses Microsoft’s own website against you. This one even uses an office.com address! It fools both users and email filters by using Microsoft services to host the phishing pages, which are hosted on Microsoft Sway. The email itself is sent from an onmicrosoft.com domain and includes links to sway.office.com. Both are trusted sources.
Often the email pretends to be a fax attachment to be viewed online. If you click the link, you reach a website that asks you either to download a malicious file or simply to log in to Office 365. Unlike most phishing tactics, this one doesn’t look obvious; in fact, it is pretty convincing.
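An added example, not part of the original article: a Python triage function that checks one raw message for the indicators described in the two sections above (a sway.office.com link, an onmicrosoft.com sender, and an "encrypted message" lure whose link is not on office.com). The indicator names, the `encrypted` keyword match and the sample message are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def in_domain(host, domain):
    """True for the domain or a real subdomain, never a lookalike prefix."""
    return host == domain or host.endswith("." + domain)

def body_text(msg):
    """Decode and join every text/* part (plain and HTML)."""
    parts = [p for p in msg.walk() if p.get_content_maintype() == "text"]
    return "\n".join((p.get_payload(decode=True) or b"").decode(
        p.get_content_charset() or "utf-8", "replace") for p in parts)

def link_hosts(text):
    hosts = set()
    for url in URL_RE.findall(text):
        try:
            hosts.add((urlsplit(url).hostname or "").rstrip("."))
        except ValueError:  # malformed URL, e.g. broken IPv6 brackets
            continue
    return hosts - {""}

def triage(raw_message):
    """Return sorted indicator names for one raw RFC 5322 message."""
    msg = message_from_string(raw_message)
    text = body_text(msg)
    hosts = link_hosts(text)
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    found = set()
    if any(in_domain(h, "sway.office.com") for h in hosts):
        found.add("sway-link")            # user-authored content on a Microsoft host
    if in_domain(sender_domain, "onmicrosoft.com"):
        found.add("onmicrosoft-sender")   # mail sent from an onmicrosoft.com domain
    lure = "encrypted" in (msg.get("Subject", "") + " " + text).lower()
    if lure and any(not in_domain(h, "office.com") for h in hosts):
        found.add("encrypted-lure-off-domain")  # sign-in link not on office.com
    return sorted(found)

# Constructed sample message, not taken from a real campaign.
SAMPLE_FAX = """From: Fax Service <fax@tenant-example.onmicrosoft.com>
Subject: New fax received
Content-Type: text/html; charset="utf-8"

<p>New fax: <a href="https://sway.office.com/EXAMPLE-ID">view online</a></p>
"""
print(triage(SAMPLE_FAX))
```

Because onmicrosoft.com senders and Sway links also occur in legitimate mail, these indicators are best used to route a message for review rather than to block it outright.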
Protect your employees with two-factor authentication
So how do you protect yourself from such tactics? A secure password is only secure if you are the only one who knows it. This is where two-factor authentication becomes critical. With two-factor authentication, you must authenticate not only by entering your password but also by using your cell phone.
This can be set up to work either by receiving a 6-digit code by text, or by an automated phone call where you hit an appropriate key to indicate that it is you attempting to sign in.
Two-factor authentication will be required any time you would normally have to type in your password. Typically this is infrequent for phones, Outlook, and the website on your trusted devices. However, when you log in on a new device, or need to re-authenticate on your trusted device, you will need to perform the secondary authentication. RMTT recommends that we enable two-factor authentication on your Office 365 accounts.