The cybersecurity firm Abnormal Security recently uncovered how malicious players built an Office 365 phishing site targeting remote workers that use the platform. Today, the company exposes a similar attack that exploits calendar invites. As always, phishing attackers impersonate credible authorities, such as your employer, bank, or the government, to gain your trust. If you’re an Office 365 user, they could target you via any app or resource available on the platform.

Office 365 users a target for credentials theft

In this case, the attacker poses as personnel from the Wells Fargo security company. If you’re a target, the impersonator sends you an email stating that you need to update your account’s security key. They have one objective: to steal sensitive information from you. Next, the attacker warns that you have to update to the new combination to keep your account active. Of course, they say that to create a sense of urgency and get you to follow through with their malicious plan. So, now you have to read an email attachment and follow the provided instructions. But this attachment is actually a calendar invite (.ics file).Usually, these files hold scheduling data for calendar events. As an Office 365 user, the calendar invite may not initially look strange. Apart from that, the invite includes a SharePoint page, which has a link you have to click to secure your account. Clicking on the link takes you to a fake Wells Fargo site instead. The phishing page captures your account numbers, username, password, pin, and other sensitive personal info. While Office 365 has multiple built-in security features, these can’t always catch all the threats to your personal information. So, it’s always good to exercise discretion and consult with your internal IT security team before responding to emails requiring sensitive information. Have you dealt with any Office 365 security incident amid the COVID-19 crisis? Feel free to share your experience in the comments section below.

SPONSORED Name * Email * Commenting as . Not you? Save information for future comments
Comment

Δ