Cyber security - who's phishing in your pond?

Beware of increasingly plausible phishing attacks

With over 150 million business users worldwide, it’s not surprising that Microsoft Office 365 productivity platform is increasingly being targeted by sophisticated phishing attacks. The perpetrators aren’t just using standard phishing and spear-phishing techniques to gather credentials. They are also looking to use more sophisticated exploits to gain access as administrators to platforms which have valuable data stored within them.

A marked increase in the frequency of Office 365 administrators being targeted has been observed. These attacks are more realistic than previously and are a goldmine for anyone who can get through. If a hacker can gain administrative access to an Office 365 platform, they can potentially have unfettered access to anything stored across the organisation. Email forwards, mailbox access, SharePoint data – the vast quantity and variety of information that is accessible is a major concern, especially for those businesses that aren’t implementing tighter controls and security.

A report released by Barracuda Networks has highlighted the risks of lateral phishing. This is where an account is compromised in an organisation and used to send phishing emails to close contacts and colleagues. Barracuda have found 38% of organisations with 101 – 500 employees have been targeted by compromised accounts.

Only last month we saw an example of a business (not an Orca client) that had fallen victim to a lateral phishing attack. Unfortunately, a member of their accounts team made a payment to an unknown account after receiving an email from the Finance Director authorising payment. The email wasn’t actually from the Finance Director, but from his hacked account and due to no internal procedures, the payment was made without additional checks. This incident illustrates the necessity to establish internal processes to validate actions based on digital procedures that could be vulnerable to external attack.

What can be done?

First and foremost, user awareness training is key. Educate your users on how to spot phishing emails. Check the sender’s email address, headers and spelling and grammar. These are usually indicators when spotting a fraudulent email. If the email has any URLs referenced in the email body, hover over them and check they relate to the correct business or service.

Implement two-factor authentication. This can help mitigate the risk of administrator accounts being compromised or credentials being used for malicious purposes. It doesn’t remove the general risks of phishing but can certainly alert the organisation if an account has been compromised.

Make use of the additional security and features within Office 365 such as advanced threat protection (ATP), which can help protect your business from phishing and zero-day malware using advanced technology.

Cyber security is embedded into Orca’s managed IT services. As part of our client services, we establish a comprehensive cyber security strategy to secure valuable business data and help prevent cyber attacks. Our data protection strategies help clients to comply with industry and data protection regulations such as GDPR. To discuss your cyber security strategy, please contact us.