Phishing is the act of sending phony emails to people for the purpose of tricking them into revealing their user name and password. The sender pretends to represent an organization that has a viable reason to make an information request. For instance, you might get a genuine-looking email that looks just like it’s from Paypal. The sender will be claiming that there’s something wrong with your Paypal account. They want you to click on their link and go to your Paypal site and then log in and change your password or some other action.
Should you follow their instructions? No! These are cyber thieves trying to get your personal and financial information. Their goal is to steal from you. Hacking has become big business around the globe.
Microsoft Office 365: How It Works
Office 365 is a longstanding software package developed by Microsoft. It includes Word, Excel, PowerPoint, and other commonly used software applications that are used in business. Office 365, unlike previous versions of these applications, operates through yearly subscriptions. Updates are performed regularly. You have access to the latest programs so you can work more efficiently both at home and in the office.
There are good reasons to operate under a yearly subscription plan using these programs. They’re always current and up-to-date and you never have to worry about maintenance issues. Office 365 is available for phones, tablets, computers and you can work from anywhere there’s an internet connection. Microsoft has consistently created the best security programs and systems to guard its products from hackers. And yet, cyber thieves are finding ways around these security protocols.
What Potential Is There For Phishing Scams?
Any hacker can potentially claim that they represent Microsoft. These thieves have been able to replicate an authentic email very well. People who are not paying attention might fall for one of these phony emails. These hackers can sound like they have a viable reason to request information or actions that could place the account holder at risk.
Using good business imagery and closely matching email addresses, recipients may be fooled. Hackers can easily cut and paste company logos into these emails to make them even more convincing. Meanwhile, users that fail to take a second look may be fooled. They can inadvertently reveal log-in information, credit card numbers, or banking information.
Can Hackers Get Around Microsoft’s Security Features?
Recently, hackers have been using certain phishing methods to bypass the current Safe Links security features found in Office 365 software. Safe Links have been a basic aspect of the organization’s Advanced Threat Protection (ATP) program, which has been helping to protect businesses from receiving damaging links that are sent through phishing.
These links scan the URL in attempt to match it to those entered into a stored blacklist, notifying the user of detections. By using tags in HTML headers, hackers have been able to bypass the detection of harmful listings.
Many users of Outlook have been affected by this approach, and while Gmail’s security has evolved well enough to avoid these kinds of bypasses, similar updates are recommended for Microsoft. SecurityWeek explained that users now have the capacity to block URLs on gateways. While this has helped prevent attacks, software developers will be required to address all these new threats as they design their software programs.
Microsoft has been updating aspects of its security to increasingly protect against the improvements of phishing and hacking actions. Along with their central ATP features, which allow users to customize their account settings, users can create their own system-tailored anti-phishing policy. It will update across the range of datacenters within 30 minutes of activation.
These help but there is now a full range of phishing attack types, including ‘spearfishing’ and ‘whaling.’ These both target specific individuals in an organization—normally someone in a high position such as CEO and CFO.
One of the problems with Office 365 security is that ATP is not available with the basic subscription. Users must purchase the security feature or a different version of the software in order to get the best protection against the latest hacking schemes. Once the additional protection is purchased, users should optimize the wide range of settings available within advanced ATP features to get the best security.
According to The Hacker News, cyber theives have been adding words hidden to the user, reducing their font size to zero, in efforts to make phishing emails appear normal to security code while bypassing its detection features. This method has been used to improve the potential and frequency of phishing scams. There’s now a greater demand for updated security features that are able to detect writing with a font size of 0.
CSO reported that there has been an increase in phishing scam types, and while the zero-font method may be addressed with security code improvements, another type of bypass method will likely be developed by hackers.
What Should I Do?
Microsoft recommends that users follow common practices in addition to optimizing program features to best protect against hacking scams. These may include:
Learn about ATP and its advanced features and security upgrades.
Establish an optimized ATP policy for your business.
Learn about ATP anti-phishing policy options.
Set up an ATP anti-phishing policy that addresses your company’s distinct needs.
Research and upgrade security options and features as needed.
Continue to follow statistics and trends regarding hacking and the efforts of cyber-thieves.
Brian Gray, MCP, is the President at Kraft Technology Group, LLC (KTG), an affiliate of KraftCPAs PLLC. Within his role, Brian is responsible for all aspects of service delivery to our clients. Brian has a decade of experience working for managed service providers. He has worked with clients in a variety of industries, including financial services, accounting, legal, healthcare, manufacturing, and retail.