IT Solutions
Depend on us to get your organisation to the next level.
Sectors
BCN have a heritage of delivering outcomes through our cloud-first services and currently support over 1200 customers across specialist sectors.
About Us
Your tech partner
Posted on July 26th 2018
This time the hackers used very sophisticated techniques – including the exact recipient details, use of company logos and believable ‘from’ names – to make it look like a genuine email from Microsoft Office 365. This technique to gain the trust of the email recipient was an attempt to acquire login details for their Office 365 accounts.
In this particular case anyone who supplied their Office 365 login details and passwords has seen their accounts compromised, with the hackers gaining complete access to their Office 365 account and in turn, access to emails, documents, contacts and data.
Once the hackers have gained access to the account, they have taken copies of entire mailboxes and forward to another email accounts for their own malicious intent. From here they take the data and use it to spam – on a massive scale – all the contact details they managed to acquire. In one case someone received 600 spam emails in just 2 hours! All the emails look to be coming from the compromised users account details, so spam filters are less able to detect them as spam.
Due to the level of sophistication of this threat it is very easy to believe this is a real email. If you or your employees fall victim to such a threat, here’s how you can mitigate the damage in the first instance:
Today hackers use lots of sophisticated tactics to make a malicious email appear genuine, so it can be extremely difficult for users to identify a scam email.
If the email above landed in your inbox would you be able to identify that it was a scam? Are you confident your employees would know the difference?
Data is the lifeblood of any business, keeping it secure from threats such as phishing emails is vital. If your business doesn’t have the right levels of security infrastructure in place it could have serious consequences for your business if you were to fall victim to a phishing attempt such as this one.
To reduce your risks of becoming the next victim of a scam like this, here are a couple of preventative measures you may want to consider:
Set up 2 Factor Authentication When logging into accounts, 2 Factor Authentication requires you to enter not only your password but another piece of information only you know or have immediately to hand – usually a one-off code generated from your authentication software. This adds an extra layer of security to your accounts as using a password and piece of information only known to you will make it extremely difficult for hackers to gain access to your data and networks.
User Security Training Even the best cyber security tools are only as effective as the people who use them. Your employees are usually your last line of defence from hackers gaining access to your systems, however, human error is the most common cause of a security breach. Training your employees on the various threats, how to prevent a breach and what to do should they be the victim of an attack will bring significant benefits in helping to maintain your business security.
We place the upmost importance on helping you protect your business from security threats. Contact our experts today to discuss how we can help you.
We will work in partnership with you to put the right solutions in place for your business and train your employees. If you would like to learn more, feel free to contact us here.