Rewterz Threat Alert – Increased Office 365 Phishing Campaigns Attacks Related to COVID-19

Severity

Medium

Analysis Summary

The transition of remote work and online learning has taken a new leap amidst all the chaos during the Covid-19 pandemic. Threat actors have also found this opportunity to target financial, government and educational sectors across the nation to their gains as the risk of phishing scams have increased rapidly. Last three months have shown that the organizations are at risk of being exploited via phishing emails by threat actors and this has trend has carried on, where COVID-19 is used as a phishing lure. Attackers are sending spoofed emails, that mimic Office 365 services, prompting users to click links and enter their credentials, allowing attackers access to their systems.

Office 365 users are delivered in a well-designed, spoof page that mimics the service. Attackers have also replicated Microsoft’s login page, which will prompt users to login with their credentials and allow attackers to access their accounts, allowing them to obtain personal information. Emails are sent to users in a manner that may resemble those sent out by the organization, prompting users to click on links to check for COVID-19 pandemic updates.

With the current transition to online learning and remote work, students and employees must be aware of these threats.

Impact

• Credential theft
• Exposure of sensitive data

Remediation

• Always be suspicious about emails sent by unknown senders.
• Never click on links/attachment sent by unknown senders.
• Enable multi factor authentication to add an extra layer of security when a user logs in.