Got Office 365? It’s an Ocean Full of Phish
According to a report by security firm Avanan, 25 percent of all phishing emails swim right through Office 365. For those with their heads in the sand, phishing occurs when an attacker sends a communication, usually an email, to an individual, attempting to influence them to open an infected file or click on a malicious link to a page that will request credentials or drop malware. Once the victim clicks, the criminal can install malware and engage in other insidious acts that enable prolonged access to the individual’s system.
The report, which analyzed over 55 million emails, found that over 30 percent of phishing emails were successfully delivered to poor, unsuspecting end users. And 25 percent of those were considered clean by Exchange, with over 5 percent whitelisted unintentionally, we hope, by administrators. Putting it a different way, one in every 99 emails is a phishing attack.
The key methods of attack? Malware phishing represented over 50 percent of the attacks, and credential harvesting over 40 percent. Both utilize email as the delivery mechanism. Malware phishing uses an email to install malware on the recipient’s device. Interestingly, malware scans can miss this because the email itself isn’t harmful – it is the link within the email or the attachment that is.
Credential harvesting typically mimics well-known and trusted brands, such as Amazon, with the hope of luring people to provide sign-in information on a fake login page. The link can be within the email or in an attachment. If the recipient falls for this, the hacker captures the sign-in information and can take over the account. Out of every 25 branded emails, at least one will be a phishing email. I received one the other day from a DHL impersonator.
The most advanced? Obfuscation methods, which successfully bypass Office 365 security layers. The hacker obfuscates the URL, making it unrecognizable to Office 365. This phishing method is not used very often.
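The three patterns above (a link or attachment rather than the message body carrying the payload, a trusted brand name on a lookalike login page, and an obfuscated URL that a filter no longer recognises) all leave traces in the links themselves. The script below is an added example, not code from this post, from Avanan or from Concept Searching: it pulls every link out of an HTML message body and flags the indicators a mail filter or analyst would look for. The brand allow-list, the sample message and the simple "host equals or ends with a legitimate domain" matching are all constructed assumptions here; a production filter would use the Public Suffix List and a much larger brand table.

```python
"""Flag links in an e-mail body that show brand-impersonation and
URL-obfuscation indicators. Example code written for this post; the
BRAND_DOMAINS table and SAMPLE_BODY below are constructed, not real data."""
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed allow-list: brand keyword -> domains the brand legitimately uses.
BRAND_DOMAINS = {
    "amazon": {"amazon.com"},
    "dhl": {"dhl.com"},
}

# Visible link text that itself looks like a host or URL (so we can compare it to the real target).
_HOSTLIKE = re.compile(r"^(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})(?:/\S*)?$", re.I)


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from <a> tags in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _host_is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def analyze_link(href, text):
    """Return the list of suspicious indicators for one link (empty if none)."""
    findings = []
    parts = urlsplit(href)
    host = (parts.hostname or "").lower()

    # 1. The visible text names one host, the href points somewhere else.
    shown = _HOSTLIKE.match(text)
    if shown and shown.group(1).lower() != host:
        findings.append(f"link text shows {shown.group(1)} but points to {host}")

    # 2. Userinfo before '@' lets a brand name appear where the host seems to be.
    if parts.username is not None:
        findings.append("userinfo in URL hides the real host")

    # 3. Punycode (internationalised lookalike) host, or a bare IP literal.
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode (IDN) host")
    if _host_is_ip(host):
        findings.append("IP-literal host")

    # 4. Percent-encoding in the host or path, where plain ASCII would normally do.
    if re.search(r"%[0-9A-Fa-f]{2}", parts.netloc + parts.path):
        findings.append("percent-encoded URL obfuscation")

    # 5. A brand keyword inside a host that is not one of the brand's own domains.
    for brand, legit in BRAND_DOMAINS.items():
        if brand in host and not any(host == d or host.endswith("." + d) for d in legit):
            findings.append(f"'{brand}' used in non-{brand} domain {host}")

    return findings


def analyze_email(html_body):
    """Map each flagged href in the body to its list of indicators."""
    collector = _LinkCollector()
    collector.feed(html_body)
    report = {}
    for href, text in collector.links:
        findings = analyze_link(href, text)
        if findings:
            report[href] = findings
    return report


# Constructed sample message: one legitimate link and four that should be flagged.
SAMPLE_BODY = """<p>Your DHL parcel is waiting.</p>
<a href="https://dhl.com/track/1234">https://dhl.com/track/1234</a>
<a href="https://amazon.com@login-verify.example/">www.amazon.com</a>
<a href="http://xn--amazn-3ta.example/signin">Sign in to Amazon</a>
<a href="http://198.51.100.7/%61mazon/update">Update payment</a>
<a href="https://secure-amazon-billing.example/login">Amazon Billing</a>"""

if __name__ == "__main__":
    for href, findings in analyze_email(SAMPLE_BODY).items():
        print(href)
        for f in findings:
            print("   -", f)
```

Run as-is it prints the four flagged links and their indicators; the legitimate DHL tracking link produces no findings. None of the checks is conclusive on its own (legitimate mail does use percent-encoding and redirect hosts), which is why the function returns every indicator rather than a verdict, leaving scoring to the filter or the analyst.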
Once again, the burden is on the end user – the frontline target. Think about it, it only takes one press of your mouse button and you’re toast – well, the whole organization is toast. Hopefully you will still have a job. I doubt it though – I think your manager would be hard-pressed to overlook a data breach that you caused.
conceptClassifier for Exchange enables the auto-classification of mailboxes and attachments for organizations concerned about the security of confidential information, reducing the costs of eDiscovery, and identifying compliance exceptions. The application automatically generates multi-term metadata – we’re talking phrases, strings, subjects, and concepts – using Concept Searching’s unique compound term processing technology. Included in the classification are the triggers specified in emails, including any attachments. It enables rules to be easily created, and even a business user, if authorized, can create them.
Organizations should focus on the front line. Training, which is rarely done, should be mandatory and take place often. At least give the end users a heads up. Also, invest in the right tools – such as ours. Seriously, protect emails with any type of weapons you have – you do know it’s us versus cybercriminals, don’t you? Contact us to see what our product does – it doesn’t hurt and it’s much better than a data breach.