A recent article from HackRead.com highlights a phishing scam that targeted victims by claiming their Zoom account had been suspended. Because Office 365 is one of the top productivity platforms for business, and Zoom has become business’s primary way to connect since quarantine struck, cybercriminals cast a wide net by targeting those platforms with recent attacks. Social engineering is suspected to account for a third of all data breaches. Social engineering is the use of deception to manipulate individuals. The thing cybercriminals want the most is access to your email, which just happens to be the #1 way criminals gain access to your company’s systems. Phishing is a form of social engineering attack whose aim is just that.

Phishing emails attempt to pass as legitimate emails. In our most recent case it was an email suggesting that your Zoom account had been suspended. Those who fell victim to the attack clicked on the “Activate Account” button and were subsequently brought to a web page that cybercriminals set up to look exactly like your Office 365 login. Victims who continued down this road entered their Office 365 login information, which was promptly delivered to the criminals who launched the attack.

There are 3 things that businesses can do to prevent these types of attacks.

  • The first and probably most important thing is to properly train their people on how to distinguish between a real email and a fraudulent email.
  • The second is to employ an email security service to reduce the number of fraudulent emails delivered to their users.
  • The last is to use a web filtering service that can block fraudulent websites.

At Engler IT we take security very seriously. We offer regular security training, as well as advanced email security services and web filtering to all our clients at no additional cost. All this so your company can operate safely and securely no matter what cybercriminals may throw your way.