
The chances of you opening, clicking or downloading a document sent from a colleague or friend are much higher than acting on an email from someone you don’t know.

Cybercriminals know this well, which is why they are sending attacks to the friends and colleagues of compromised account owners. Based on some of the recent threat activity we’re seeing, criminals are regularly using file sharing document emails (such as OneDrive and other popular services) to initiate attacks from hijacked accounts. Here’s what we know about these scams, and some ways your organization can be sure to avoid them:

In order for cybercriminals to take over an email account, they first need the credentials. Unfortunately, with today’s cunning phishing methods, this can happen without the victim ever noticing. For example, many times employees will unknowingly follow a phishing link from an attacker, which prompts them to enter their credentials into a fake sign-in page of Office 365, G-Suite or other popular web services. Note that these types of phishing emails are often not detected by existing email security solutions because the fake sign-in page is often hosted on a compromised website, which has a high reputation. Criminals also know to target mid to low-level employees that haven’t had in-depth security and awareness training, in hopes that the targets don’t know that this type of initial phishing attack even exists. Once attackers take over an account, they will use that account to send emails to other colleagues, sometimes even hundreds of people. These messages are usually just quick innocuous notes that include a link or shared document. However, if any recipients click on the link or open the document, they will be taken to a fake sign-in page where they will be asked to enter their credentials. If they move forward and submit their credentials, their accounts will be taken over by the criminals as well.
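As an added example (not part of the original article), the sketch below shows one way a mail team could flag the pattern described on this page: an internal account sending a short file-share note to many colleagues with a link that does not point at the sharing service. The allow-listed hosts, the threshold, the message fields and the sample messages are assumptions constructed for illustration.

```python
from urllib.parse import urlparse

# Assumption: hosts this organisation accepts for genuine OneDrive/SharePoint shares.
SHARE_HOSTS = ("1drv.ms", "onedrive.live.com", "sharepoint.com")
LURE_WORDS = ("onedrive", "shared a document", "shared a file")
FANOUT_THRESHOLD = 20             # assumption: tune to normal internal mail volume
INTERNAL_DOMAIN = "example.com"   # constructed placeholder domain

def is_share_host(host):
    """True only for an allow-listed host or a real subdomain of one."""
    host = host.lower()
    return any(host == h or host.endswith("." + h) for h in SHARE_HOSTS)

def score_message(msg):
    """Return the reasons a message resembles phishing sent from a hijacked account."""
    reasons = []
    internal = msg["from"].lower().endswith("@" + INTERNAL_DOMAIN)
    text = (msg["subject"] + " " + msg["body"]).lower()
    lure = any(word in text for word in LURE_WORDS)
    off_brand = [u for u in msg["urls"]
                 if not is_share_host(urlparse(u).hostname or "")]
    if internal and len(msg["rcpt"]) >= FANOUT_THRESHOLD:
        reasons.append("internal sender with high recipient fan-out")
    if lure and off_brand:
        reasons.append("file-share lure linking off the sharing service")
    return reasons

def flag(messages):
    """Ids of messages that show both signals together."""
    return [m["id"] for m in messages if len(score_message(m)) == 2]

def rcpts(n):
    return [f"user{i}@{INTERNAL_DOMAIN}" for i in range(n)]

# Constructed sample messages, not real mail.
SAMPLE = [
    {"id": "m1", "from": "alice@example.com", "rcpt": rcpts(150),
     "subject": "Alice shared a document with you", "body": "Please review.",
     "urls": ["https://blog.compromised-site.example/login"]},
    {"id": "m2", "from": "bob@example.com", "rcpt": rcpts(3),
     "subject": "Budget", "body": "I shared a file for you.",
     "urls": ["https://contoso.sharepoint.com/sites/finance/budget.xlsx"]},
    {"id": "m3", "from": "hr@example.com", "rcpt": rcpts(200),
     "subject": "Quarterly all-hands notes", "body": "Agenda attached.",
     "urls": ["https://intranet.example.com/agenda"]},
]

if __name__ == "__main__":
    for m in SAMPLE:
        print(m["id"], score_message(m))
```

Because the fake sign-in page usually sits on a compromised site with a good reputation, the check compares the link host with the service the message claims to come from and does not rely on reputation.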
