As you may be aware, there have been a variety of phishing emails that are being rapidly delivered to many businesses. We have seen many target Office 365 Email users specifically. While phishing generally gives malicious users access to personal information, it can quickly trigger a ransomware attack should they gain access to your accounts and/or systems. We highly encourage spreading the awareness of the critical importance of safe computer use in the work place.
What is phishing?
Phishing is one of the easiest forms of cyber-attack for a criminal to carry out, and can provide the malicious user with everything they need to infiltrate every aspect of their targets’ personal and working lives. Usually carried out over email (however the scam has now spread to social media, messaging services and apps) a basic phishing attack attempts to trick the target into doing what the scammer wants. That might be handing over passwords to make it easier to hack a company, or altering bank details so that payments go to fraudsters instead of the correct account. The aim and the precise mechanics of the scams vary: victims might be tricked into clicking a link to a fake web page persuading the user to enter personal information. It is estimated that an average of 1.4 million of these websites are created every month!
We at Vorbi want to stress the importance of safe email use. Do not open links or attachments in emails unless you are expecting them. In addition to the following steps, we strongly recommend that all businesses ask their employees to avoid accessing their personal email while on a work computer.
Below are some tips for practicing safe email use:
- Always check the actual domain that an email is being sent from (for example you may know a Jane Smith who has an email of firstname.lastname@example.org, however in a phishing scam, it may appear that Jane Smith is emailing you with an attachment, but the address actually says jsmith@O365netcom.com or a similar clearly invalid domain).
- Only open email that you need to perform your job.
- Don’t open email attachments from/in strange or unexpected emails.
- Transmit confidential information to appropriate individuals outside the company using only approved, secure methods.
- Only use external media (USB’s, CD’s, external hard drives, etc.) from known resources (i.e. brand new or Company Inventory).
If you use Office 365 for email, we encourage you to be extra vigilant. Emails containing hyperlinks or attachments that require additional actions by you should be carefully vetted before proceeding. If you are unsure if an email you received is legitimate, do not click on any links, attachments, or provide any information.
If you think you may have fallen victim to a scam, immediately contact your support group to screen your computer and network for malware. It is also recommended to:
• Reset your username and password
• Disable any forwarding rules or rules that move messages to the deleted folder
• Enable auditing on the mailbox
We also encourage you to contact any of your email contacts via phone or a safe email address to inform them that your email account has been compromised and to let them know they may receive fraudulent emails appearing to be sent by you.
Signs your account may have been compromised include:
- Providing your email login credentials in response to a suspicious email
- Not receiving new emails you are expecting
- Emails in your sent folder were not sent by you
- An Out of Office message has been turned on that you did not set up
Additional resources to learn more about recent malware campaigns:
- Phishing Scam: https://www.inc.com/will-yakowicz/biggest-email-phishing-scams-2018.html
- Trojan Campaign: https://www.proofpoint.com/us/threat-insight/post/parasite-http-rat-cooks-stew-stealthy-tricks
- Ransomware attacks: https://digitalguardian.com/blog/history-ransomware-attacks-biggest-and-worst-ransomware-attacks-all-time
If you do not have a Business Continuity package with Vorbi’s High Availability Domain Controller, File Server, and Backups we encourage you to contact Vorbi to find out more about services that can help protect your critical business data should your systems become compromised.