まっちゃだいふくの日記★とれんどふりーく★ このページをアンテナに追加 RSSフィード Twitter

<< 2018/06 >>
1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30


2018年06月15日(金曜日) 千葉県民の日


[][]Viestintävirasto - Office 365 email phishing and data breaches very common – detect, protect, inform!



In many cases, phishing and data breaches have been targeted at the members of the companies’ executive boards. The NCSC-FI believes that organised criminal groups, looking for easy money, are behind the incidents. Industrial espionage is, however, not excluded.

A common feature in these cases is that the criminals have been phishing for the employees with Office 365 email credentials by email and scam websites, and used the credentials for logging into the email systems of companies using Office 365 email. After a successful login, the attackers have changed the email settings for people in decision-making position or people dealing with money transfers or invoices so that the company’s email system automatically sends a copy of all these people’s messages to the attackers. The attackers have also used the hacked credentials for sending new targeted phishing and scam emails.

Phishing of employees’ and directors’ email credentials via scam messages and websites using Office 365 as a theme is now very common. Very few companies are required to inform the NCSC-FI about information security incidents they have fallen victim to, and the NCSC-FI believes that the voluntarily sent reports are only the tip of the iceberg of this phenomenon. This is why the NCSC-FI published this red alert.

no title


トラックバック - http://d.hatena.ne.jp/ripjyr/20180615/1529009719