A recent phishing scam is targeting businesses and consumers using Office 365 email services. The fraudsters are gaining access to Office 365 accounts by stealing login credentials obtained using convincing fake login screens.
Fraudster email attacks are becoming increasingly sophisticated – often appearing to be sent from a business, organisation, or individual the victim normally emails or does business with. The fictitious emails contain malicious links or attachments that redirect the victim to a fake login page asking for their email username and password. Once the information is entered, fraudsters then use the stolen credentials to log into Office 365 and send fraudulent emails to the victim’s contact list, perpetuating the scam.
If you use Office 365 for email, we encourage you to be extra vigilant. Emails containing hyperlinks or attachments that require additional actions by you should be carefully vetted before proceeding. If you are unsure if an email you received is legitimate, do not click on any links, attachments, or provide any information.
If you think you may have fallen victim to this scam, immediately contact a known and reputable support professional or contact your email provider to:
- Reset your username and password
- Disable any inbox rules that forward messages or move them to the Deleted Items folder
- Enable auditing on the mailbox
- Scan your computer and network for malware
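The rule-cleanup and auditing steps above, as an added Exchange Online PowerShell example (not part of the original notice). It assumes the ExchangeOnlineManagement module is installed, the account running it has Exchange administrator rights, and the mailbox address is a placeholder for the affected account.

```powershell
# Added example: responding to a compromised Office 365 mailbox from Exchange Online PowerShell.
# Assumes the ExchangeOnlineManagement module; the address below is a placeholder.
$Mailbox = 'user@example.com'   # placeholder: the compromised mailbox

Connect-ExchangeOnline

# 1. Mailbox-level forwarding is set outside inbox rules, so check it separately.
Get-Mailbox -Identity $Mailbox |
    Select-Object ForwardingAddress, ForwardingSmtpAddress, DeliverToMailboxAndForward

# Clear it if the user did not configure it intentionally.
Set-Mailbox -Identity $Mailbox -ForwardingAddress $null -ForwardingSmtpAddress $null `
    -DeliverToMailboxAndForward $false

# 2. Inbox rules that forward, redirect, delete, or move mail to Deleted Items.
$Suspicious = Get-InboxRule -Mailbox $Mailbox | Where-Object {
    $_.ForwardTo -or $_.ForwardAsAttachmentTo -or $_.RedirectTo -or
    $_.DeleteMessage -or
    ($_.MoveToFolder -and $_.MoveToFolder -like '*Deleted Items*')
}

# Record what was found before changing anything, for the incident record.
$Suspicious |
    Select-Object Name, Enabled, ForwardTo, RedirectTo, DeleteMessage, MoveToFolder |
    Format-List

# Disable rather than delete, so the rule definitions survive as evidence.
$Suspicious | ForEach-Object {
    Disable-InboxRule -Identity $_.Identity -Confirm:$false
}

# 3. Enable mailbox auditing so later logins and rule changes are recorded.
Set-Mailbox -Identity $Mailbox -AuditEnabled $true
Get-Mailbox -Identity $Mailbox | Select-Object AuditEnabled

# 4. Review the last 7 days of rule and mailbox changes, with the client IP that made them.
Search-UnifiedAuditLog -StartDate (Get-Date).AddDays(-7) -EndDate (Get-Date) `
    -UserIds $Mailbox -Operations New-InboxRule, Set-InboxRule, Set-Mailbox |
    ForEach-Object { $_.AuditData | ConvertFrom-Json } |
    Select-Object CreationTime, Operation, ClientIP
```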
We also encourage you to contact any of your email contacts via phone or a safe email address to inform them that your email account has been compromised and to let them know they may receive fraudulent emails appearing to be sent by you.
Signs your Office 365 account may have been compromised include:
- Providing your email login credentials in response to a suspicious email
- Not receiving new emails you are expecting
- Emails in your sent folder were not sent by you
- An Out of Office message has been turned on that you did not set up
Office 365 recommends taking the following preventative measures to protect yourself:
- Use complex passwords that are at least 8 characters long and combine uppercase letters, lowercase letters and special characters, and do not reuse the same password across accounts. Change your password frequently.
- Use Office 365’s included multifactor authentication tool. In addition to your username and password, this tool requires you to access a mobile app or text message to further validate your identity. While this adds an additional step to the login process, it reduces the likelihood that a fraudster can log in if your login credentials are stolen.
- Use Advanced Threat Protection, an add-on to Office 365 that scans attachments and email links for malicious content. It also helps identify potential phishing and spoofing scams.
- Educate yourself, your employees, and any friends and family who may use your computer to be careful when browsing the internet and accessing email. If you are unsure where an attachment or link leads, or whether it is legitimate, do not click on it or provide personal or financial information. Make sure users know who to alert if they think they may have fallen victim to a scam.