Sunday, February 21, 18:35
Home security Office 365: New phishing campaign targets its administrators

Office 365: New phishing campaign targets its administrators

Security experts warn of a new campaign phising that targets Office 365 administrators and uses validly domains to bypass spam filters.

PhishLabs said it saw malicious emails being sent as part of the campaign to a wide range of industries and businesses, and the reasons targeted by victims vary.

365 office

“For starters, Office 365 administrators have control over all their accounts. e-mail in a domain. Depending on the current configuration of Office 365, a malicious administrator account can be used to retrieve a user's email or to have full control of other email accounts in the domain, ”said a PhishLabs spokesman.

"In addition, Office 365 administrators often have increased privileges on other systems within an organization, allowing for further breaches through password reset or abuse attempts. single-sign-on systems ”.

Once an administrator is deleted, the attackers are able to create new accounts, which are then used to send more invalid phishing emails.

By creating new accounts to conduct this online phising activity, the hackers they are more likely to stay under the radar.

365 office

These phishing baits look like regular emails sent by her Microsoft - for example, a message asking the recipient to log in to the Office 365 administration center to update payment information.

Finally, Office 365 continues to grow in popularity for users and hence for hackers. Barracuda Networks discovered over 1,5 millions of malicious and spam emails sent from thousands of malicious accounts just over a month earlier this year.


Please enter your comment!
Please enter your name here

In a world without fences and walls, who needs Gates and Windows


How to add special effects to Instagram messages

Did you know that you can make instant Instagram messages more impressive? Like any other Instagram feature, you can add special ...

Only 270 addresses are responsible for 55% of all money laundering

Cybercriminals who keep their money in cryptocurrencies tend to "launder" money through a small set of online services, according to ...

Twitter: Voice messages are coming! How do we send them?

Twitter will soon support voice messages in both iOS and Android applications. This means that you will be able to send ...

How to connect a Bluetooth headset to a Nintendo Switch

The Nintendo Switch has a headphone jack. However, most headphones have become wireless so you will need a way to connect them ...

How to hide your phone number in Telegram

If you wish to create a Telegram account, you must provide your telephone number. In this way, Telegram validates the ...

Google Assistant: How can you delete your recordings?

Google Assistant can make your daily life much easier. However, it also involves some privacy issues, as ...

Microsoft: Office 2021 / Office LTSC coming in the second half of 2021

Microsoft announced that the Microsoft Office Long Term Service Channel (LTSC) and Office 2021 will be released in 2021, for ...

How to quickly create QR codes with Bing

If you ever need to create a QR code, but you do not know how, Microsoft has an easy-to-use tool available in any program ...

Brave: Onion addresses leaked to DNS traffic

The Tor function included in the Brave web browser, allows users to access .onion dark web domains within ...

What are the 6 most known attacks on gaming companies?

A few days ago, the gaming company Big Huge Games informed the players that it was the victim of an attack, which affected its data ...