Microsoft Office 365 is a very popular product suite. Almost 1 million companies use Office 365, and the tools are most popular in organisations of 10-50 employees.
So, it comes as no surprise that this week’s scam is targeting users of Office 365.
The Office 365 Scam – What is it all About?
The email below shows the content of the scam we received in our inbox this week. It plays with the usual box of tricks used in these sorts of scams. Namely, a sense of urgency and fear of missing out – “quick! You need to fix this to get at your emails!”
Undeterred, we looked at the email more closely and found these tell-tale signs of an email scam:
- The sender’s address: although the sender is shown as “MS-OFFICE Postmaster”, expanding this to look inside the < > reveals an email address that is most definitely not from Microsoft.
- The email was not personalised, i.e. my name was not shown in the introduction to the message.
- A strong and urgent encouragement to ‘fix’ the problem by simply clicking this helpful link – with a distinct lack of further details.
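The three checks above, written as a mail-triage function in Python. This is an added example, not part of the original article; the trusted-domain list, the keyword patterns and the sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: illustrative allow-list of Microsoft-operated sender domains.
TRUSTED_DOMAINS = {"microsoft.com", "office.com", "microsoftonline.com"}
# Assumption: keyword heuristics chosen for this example only.
BRAND = re.compile(r"\b(ms[- ]?office|microsoft|office ?365)\b", re.I)
URGENCY = re.compile(r"\b(urgent|immediately|undelivered|fix|suspended)\b", re.I)
LINK = re.compile(r"https?://[^\s\"'<>]+", re.I)

# Constructed sample modelled on the email described above (not the real one).
SAMPLE = """From: "MS-OFFICE Postmaster" <postmaster@mail-notify.example>
To: alex@company.example
Subject: Undelivered messages

Dear user,

You have 5 undelivered emails. Fix this immediately:
http://portal-login.example/fix
"""

def is_trusted(address):
    """True if the address domain is, or is a subdomain of, a trusted domain."""
    domain = address.rsplit("@", 1)[-1].lower() if "@" in address else ""
    return any(domain == d or domain.endswith("." + d) for d in TRUSTED_DOMAINS)

def phishing_signs(raw_message, recipient_name):
    """Return which of the three tell-tale signs a plain-text message shows."""
    msg = message_from_string(raw_message)
    display, address = parseaddr(msg.get("From", ""))
    body = msg.get_payload()
    signs = []
    # Sign 1: display name claims Microsoft, address inside < > does not.
    if BRAND.search(display) and not is_trusted(address):
        signs.append("display-name-mismatch")
    # Sign 2: the recipient's name appears nowhere in the body.
    if recipient_name.lower() not in body.lower():
        signs.append("not-personalised")
    # Sign 3: urgent wording combined with a link to click.
    if URGENCY.search(body) and LINK.search(body):
        signs.append("urgent-link")
    return signs

if __name__ == "__main__":
    print(phishing_signs(SAMPLE, "Alex"))
```

A From header can itself be forged, so a clean result here mirrors the manual inspection only and does not prove the message is genuine.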
What happens if you click the link?
The point of this scam email is to harvest login credentials to the real Microsoft Office 365 portal.
If you click on the link in the email, it takes you to a realistic looking Office 365 login screen.
If you then enter your login username and password and click ‘Submit’, those credentials will be sent immediately to the scammer behind the email. They will then use them to log in to your Microsoft Office 365 account, stealing whatever data and documents are in there.
What to do if you’ve already clicked the link and entered your credentials
The only thing you can do at this juncture is to change your password, pronto.
If you use this password anywhere else, we suggest you change the password on those accounts too.
Next, if you have not done this already, ensure your organisation has switched on second-factor authentication. This reduces the chances of your company Office 365 account being exposed. Information on how to do this can be found on the Microsoft Office 365 site.
Report any suspected scam email to your IT administrator.
You should also consider training staff in security awareness to prevent this type of scam ending in stolen company documents and data.
Why not help your colleagues stay safe and send them this little reminder? Feel free to edit, copy/paste the advice below:
The Microsoft Office 365 Scam
An email which looks like it has been sent by Microsoft Office 365 support is doing the rounds. The email is a scam which details undelivered emails. It offers a link to fix the issue. If you click on the link you will be asked to enter your Microsoft Office 365 login credentials. DO NOT enter any username or password into this site – they will be stolen and used to access your company’s Office 365 portal to steal company data and documents.
Report the suspected scam email to your IT administrator or line manager immediately.
Don’t forget to share this with your colleagues and friends and help them stay safe.
Let’s keep breaking scams!
Let the Defence Works help your business avoid cyber security breaches – sign up for a free security awareness training demo, today.