In recent weeks we have witnessed an increase in phishing attacks targeting businesses and consumers who use Office 365 email services. Unscrupulous syndicates are coordinating efforts to gain access to Office 365 accounts by stealing login credentials obtained using convincing fake login screens.

Fraudster email attacks are becoming increasingly sophisticated – often appearing to be sent from a business, organization, or individual the victim normally emails or does business with. The fictitious emails contain malicious links or attachments that redirect the victim to a fake login page asking for their email username and password. Once the information is entered, fraudsters then use the stolen credentials to log into Office 365 and send fraudulent emails to the victim’s contact list, perpetuating the scam. We have also seen the interception of email communications between legitimate parties and then fraudulent requests for invoice payments.

If you use Office 365 for email, we encourage you to be extra vigilant. Emails containing hyperlinks or attachments that require additional actions by you should be carefully vetted before proceeding. If you are unsure if an email you received is legitimate, do not click on any links, attachments, or provide any information.

If you think you may have fallen victim to this scam, immediately contact your IT Support team or NETCONFIG to:

• Reset your user username and password
• Disable any forwarding rules or rules that move messages to the deleted folder
• Screen your computer and network for malware

We also encourage you to contact any of your email contacts via phone or a safe email address to inform them that your email account has been compromised and to let them know they may receive fraudulent emails appearing to be sent by you.

Signs your account may have been compromised include:

• Providing your email login credentials in response to a suspicious email
• Not receiving new emails you are expecting
• Emails in your sent folder were not sent by you
• An Out of Office message has been turned on that you did not set up

NETCONFIG recommends taking the following preventative measures to protect you and your organisation:

• Educate yourself, your employees and friends and family that may use your computer to be careful when browsing the internet and accessing email. If you are unsure where an attachment or link leads or if it is legitimate, do not click on it or provide personal or financial information. Make sure users know who to alert if they feel they may have fallen victim to a scam.
• Ensure that you use complex passwords that are at least 8 characters long, use uppercase and lowercase letters, use special characters and make sure you don’t reuse the same password over and over again. Change your password frequently. Please contact our National Helpdesk should you need assistance. We will be mandating password policies for all Office 365 Customers across the board.
• Use Office 365’s included multifactor authentication tool. In addition to your username and password, this tool requires you to access a mobile app or text message to further validate your identity. While this adds an additional step to the login process, it reduces the likelihood that a fraudster can log in if your login credentials are stolen.
• Use Advanced Threat Protection, an add-on to Office 365 that scans attachments and e-mail links for malicious content. It also helps identify potential phishing and spoofing scams. Discuss these options with your Account Manager to enhance your security around Office 365.

While Office 365 is the most recent phishing target, these types of scams regularly impact other email applications and platforms as well. Always be cautious when opening any emails that were not expected, are coming from someone you do not know, and contain links or attachments you were not expecting. Whilst the threat landscape is ever evolving. As these threats evolve NETCONFIG will ensure we take a best practice approach at all times however there is the human element that we cannot control. Therefore Education and Training is paramount to mitigate these risks. Please chat to our Training Department on Security training for you and your staff.

Please Note: Microsoft and/or NETCONFIG will NEVER

• Email you to change your password
• Send you an email to verify your username and password to keep your Office 365 account Active
• Send you an email that your account is about to Expire and you will need to input your credentials
• Send you an email that you need to activate your Office 365 account by inputting your credentials
• That your mailbox has reached its quota and you need to input your credentials to clean up your mailbox

Examples of Phishing emails below:

1. 1. Quota being reached
      
   2. Account to be verified
      
   3. Request to cancel Deactivation of your Account
      
   4. Password Expired 

Quick items to check on your Microsoft Outlook

One of the most common targeted attacks at the moment is that once your account has been compromised, these criminals will setup an Email Forwarding rule on all your incoming and outgoing email.

1. Please check your Microsoft Outlook for any strange email forwarding rules that may not have created.
2. Have a look “Sent Items” to see if the emails that are being sent out are the ones you have physically sent.

If you would like to find out how to make your business more secure in the digital world, chat to the sales team at NETCONFIG, we are here to assist.

Submit spam, non-spam, and phishing scam messages to Microsoft for analysis

Use email to submit junk (spam) or phishing scam messages to Microsoft

To submit a junk or phishing scam message to Microsoft:

1. Create a blank email message.
2. Address the message to the Microsoft team that reviews messages, as follows:

• For junk messages: junk@office365.microsoft.com
• For phishing scam messages: phish@office365.microsoft.com

3. Copy and paste the junk or phishing scam message into the new message as an attachment.

Note

You can attach multiple messages to the new message. Make sure that all the messages are the same type — either phishing scam messages or junk email messages. > Leave the body of the new message empty.

4. Click Send.