More than 100 million phishing emails have been sent to Microsoft Office 365 Exchange users in 2017. Find out what happened and why strong encryption is the most important defense in the face of attacks and scams.
In the last several months, there has been a remarkable rise in the number of phishing scams that target Microsoft Office 365 users. More than 100 million malicious emails have been sent to Office 365 Exchange users alone. Considering most businesses use Office 365 Exchange, OneDrive, Skype, and many other cloud services, the potential for a data breach is massive.
“I can say comfortably that we have seen an increase of at least 1000 percent since this time last year with many of these campaigns spewing many millions of messages in a single day,” Troy Gill, manager of security research at AppRiver, told CSO.
According to the same article, one attack campaign of phishing emails has inundated businesses, government agencies, universities, and other organizations since June of this year. The phishing scam took on a variety of disguises. One email sent to CSO warned that low Office 365 storage space could result in email delivery delay. To fix the issue, the email prompted the user to open an attached HTML file.
Other instances of the scam ask the victim to click a direct link, which takes them to a phony landing page. In each case, the user is asked to enter their Office 365 username and password, which are stolen by the scammers who then target that victim's address book and send attack emails with subject lines such as “FYI” and “Approved Invoice” to trick new victims. After a while, the attackers use the pilfered passwords to compromise any other data the victim may have access to.
Phishing works so well because so many fields and industries, including journalism, human resources, and marketing depend on clicking links and opening attachments. While you can train employees to be vigilant, there are bound to be emails that still slip through filters, links that get clicked, and data that gets compromised. That’s why these latest attacks show how important strong encryption can be, so that if credentials do get stolen at least the rest of your data remains safe.
Multi-factor authentication, which requires users to refer to a phone call, text message, or app notification on their smartphones after entering passwords, would be a good first step towards stronger security. Both the admin center in Office 365 and Microsoft Azure offer strong MFA functionality. Office 365 also makes it easy to send encrypted emails and to provide and control encryption keys used to encrypt files and mailboxes.
However, enterprise companies can take it one step further and implement a second level of security in case any scammers do slip past company defenses. Solutions such as eperi Cloud Data Protection (CDP) reduce the risk of data loss by allowing the customer to maintain sole control of the encryption process on premise. eperi CDP renders sensitive data unintelligible whilst stored or processed in Office 365 and Azure.
RECOMMENDED FOR YOU