The hunt for Office 365 accounts
The current surge in remote working has raised cybercriminal interest in Office 365, one of the most common cloud collaboration platforms.
The basic scheme is simple: Cybercriminals lure a company employee to a fake Office 365 login page and persuade them to enter credentials. In other words, it is phishing. The specific methods by which the attackers try to get usernames and passwords differ, but here are the most common tricks of the trade.Fake Teams messages
As a rule, when attackers send an e-mail message meant to look like a Microsoft Teams notification, they stress urgency, hoping the recipient won’t take a minute to note any irregularities. So,...