The dangers of phishing attacks are becoming more well known, but the many ways in which they can be carried out is still taking some unwary businesses by surprise. Even if you think you are keeping up to date with the new methods hackers are using, it’s easy to fall prey to an attack that has yet to come to the attention of a wider user-base outside of IT security circles.
The OneDrive phishing scam is a good example of this, but there are some simple ways you can make sure you, your staff, and your business are protected.
A set of email phishing campaigns that try to get their targets to interact with malicious scripts, the OneDrive phishing scam is another example of how the dangers are evolving and evidence of the ingenuity of the hackers involved. This is backed up by the fact that there is no real information about the perpetrators behind the scam at the time of writing.
This email scam tactic involves getting a target to interact with a scam site. The emails themselves are cleverly designed to look like legitimate communications from a trusted source, with URL links masking the fact that the addresses do not direct to a legitimate OneDrive address.
Infected payloads can be downloaded and software set-up files can install malware on the target system. A big problem is that the OneDrive phishing scam often features malware that can persist on a system even after using if de-infection processes. High-volume infections can come from web browser ‘hijacker’ plugins, which confuse users and can change default settings to redirect users to the sites that hackers want them to visit.
Email messages that appear to be sent by OneDrive can also trick users into going to domains that are not what they seem, and then messages that there are files ‘awaiting for review’ on a OneDrive cloud repository can appear.
Although this type of attack is now common and targets businesses of all sizes, there are some simple steps to minimise the threats they pose. Multi-factor authentication (MFA) is one way that is proving to be effective, which is why it is being utilised by so many companies, from bank and payment providers to various official websites of organisations across the spectrum.
MFA works by having a two-step process that relies on more than supplying a password and includes further data that has either been pre-agreed or uses randomly-generated codes. MFA is a simple process to use, and implementing it might be as straightforward as knowing how to turn it on in the software that you are already running.
At GCC, we pride ourselves on having a proactive and responsive approach to ensuring our customers have the software and hardware they need for the job, as well as providing the knowledge and skills to use these effectively. Contact us to find out more.