The app, which recently received a Yammer integration update, comes in handy when you need to remotely collaborate on business files. Sadly though, threat actors know this too. So they’re now sending spoofed SharePoint emails to unsuspecting employees as part of a phishing campaign.
Microsoft 365 user credentials targeted in phishing attacks
The folks at Abnormal Security uncovered a phishing campaign that targets corporate SharePoint users. The end game for the attackers is to collect unsuspecting users’ Microsoft 365 credentials.

They start by sending spoofed SharePoint emails addressed to no specific person. By not naming any individual as the recipient, the threat actors aim to trick as many victims as possible into supplying their Microsoft 365 login details. However, unlike previous similar attacks, this phishing campaign doesn’t create any sense of urgency to get the target to act quickly.

According to Abnormal Security, the attackers designed the phishing emails to appear to originate from within the target organization. As you may expect, each email has a malicious link. If you click on the link, you end up on a fake Microsoft 365 landing page. In other cases, the link takes the user to a PDF download page that redirects to another site. Whichever way the link goes, the user ends up on a site that requires Microsoft 365 security credentials to sign in.

Phishing attacks targeting the users of Microsoft 365 or other cloud-based or on-premises computing tools are a persistent cybersecurity issue. Be sure to guard your IT systems with all you’ve got, from antivirus solutions to Microsoft Defender ATP. For any cybersecurity-related problem or question, write us a message in the comments box below.
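The three traits described above (a sender that looks internal, no named recipient, a SharePoint-themed link that leads off the organization's own hosts) can be checked together when triaging a reported email. The following is an added example, not code from Abnormal Security or Microsoft; the sample message, the domains and the trusted-host set are constructed, and it assumes the receiving mail server records an Authentication-Results header.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample message: every address, domain and header value is made up.
SAMPLE = """\
From: SharePoint <no-reply@example.com>
To: undisclosed-recipients:;
Subject: A document was shared with you
Authentication-Results: mx.example.com; spf=fail; dkim=none; dmarc=fail header.from=example.com
Content-Type: text/plain

A file has been shared with you via SharePoint.
Open it here: https://files.portal-login.invalid/view.pdf
"""

def auth_verdicts(msg):
    """Map spf/dkim/dmarc to the verdict the receiving server recorded."""
    verdicts = {}
    for header in msg.get_all("Authentication-Results", []):
        for mech, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", header, re.I):
            verdicts[mech.lower()] = result.lower()
    return verdicts

def triage(raw, org_domain, trusted_hosts):
    """Return the indicators from the article that this message matches."""
    msg = message_from_string(raw)
    findings = []
    # 1. Claims to come from inside the organization but fails DMARC.
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if sender_domain == org_domain and auth_verdicts(msg).get("dmarc") != "pass":
        findings.append("internal sender fails DMARC")
    # 2. Addressed to no specific person.
    if "@" not in msg.get("To", ""):
        findings.append("no named recipient")
    # 3. SharePoint-themed text whose link leaves the trusted hosts.
    parts = [p for p in msg.walk() if not p.is_multipart()]
    body = "".join((p.get_payload(decode=True) or b"").decode("utf-8", "replace") for p in parts)
    if "sharepoint" in (msg.get("Subject", "") + body).lower():
        for url in re.findall(r"https?://[^\s\"'<>]+", body):
            host = (urlparse(url).hostname or "").lower()
            if host not in trusted_hosts:
                findings.append("link to untrusted host: " + host)
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE, "example.com", {"sharepoint.example.com"}):
        print(finding)
```

Each finding is a triage signal rather than a verdict: legitimate bulk notices can also lack a named recipient, so the combination of all three is what matches the campaign described here.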