Yellow alert: Data breaches in Microsoft 365 accounts as a result of phishing
Information security now!
Criminals are phishing Microsoft 365 passwords with fake email messages. The usernames and passwords acquired by phishing can be used by the criminals to break into M356 accounts. Dozens of Finnish organisations have reported phishing messages and new data breaches. The phishing campaign spreads between organisations through the contacts of the hacked user accounts.
The secure email theme used in the phishing campaign makes the fake messages look more credible. This has resulted in an exceptionally high number of data breach victims. The link normally included in a secure email has been replaced with a link that leads to a phishing site controlled by the criminals. The message or secure email may also include a PDF attachment with a link to the criminals’ phishing site. The PDF attachments seen so far have been harmless, but the link should not be opened.
The National Cyber Security Centre Finland recommends using forced multi-factor authentication (MFA) to prevent the criminals’ login attempts. However, any single protection measure is not enough, but special attention should also be given to staff training.
“The most important thing is to be aware of the ongoing campaign. Pay special attention to MFA. Pay attention to which website you are on and be careful before entering your password”, says Harri Holmström, Senior Specialist at the NCSC-FI at Traficom.
The NCSC-FI’s weekly review contains information about current cyber phenomena. This week we will share instructions on how to protect your home network and router.
Additional information: Traficom’s Communications Department: tel. +358 29 534 5648