New Phishing Scam Targets Businesses: How to Stay Safe
Michael Tunstall
December 2, 2024
Microsoft is sounding the alarm about a sophisticated new phishing scam targeting businesses. This scam exploits trusted cloud services like SharePoint and OneDrive, platforms usually considered safe, to deceive users into handing over sensitive login details.
Here’s how it works and what you can do to protect your business.
How the Scam Works
Bypassing Security
Cybercriminals manipulate privacy settings within these cloud platforms, allowing them to bypass traditional security checks.
Gaining Access
Scammers either steal login credentials through phishing attacks or purchase them on the dark web.
Uploading Fake Files
Once inside your cloud storage, they upload a malicious file designed to mimic legitimate pages, such as a fake Microsoft 365 login.
Targeting Victims
The file's permissions are restricted to specific users, such as you or your team, making the email that shares it look authentic.
The Risks
Opening these files or clicking on any embedded links could result in:
Compromised Systems: Scammers may gain unauthorized access to your business systems.
Malware Installation: Malicious software can disrupt operations or steal sensitive data.
Financial and Reputational Damage: Recovering from an attack can be costly, and the loss of trust can hurt your business’s reputation.
How to Protect Your Business
Educate Your Team
Ensure your employees are aware of this scam and understand the importance of scrutinizing emails, even those from trusted platforms.
Encourage staff to verify the sender’s identity before opening shared files.
Enable Multi-Factor Authentication (MFA)
MFA adds a critical layer of security by requiring a second verification step, like a code sent to a phone, along with the password.
Keep Software Up to Date
Regularly update your security software to ensure it can defend against the latest threats.
Verify Suspicious Activity
If something seems off, reach out to the sender directly to confirm the legitimacy of the email or file.