PhishLabs said it saw malicious emails being sent as part of the campaign to a wide range of industries and businesses, and the reasons victims are targeted vary.
“For starters, Office 365 administrators have control over all the e-mail accounts in a domain. Depending on the current configuration of Office 365, a malicious administrator account can be used to retrieve a user's email or to have full control of other email accounts in the domain,” said a PhishLabs spokesman.
“In addition, Office 365 administrators often have increased privileges on other systems within an organization, allowing for further breaches through password reset attempts or abuse of single-sign-on systems.”
Once an administrator account is compromised, the attackers are able to create new accounts, which are then used to send more phishing emails.
By creating new accounts to conduct this phishing activity, the hackers are more likely to stay under the radar.
These phishing lures look like regular emails sent by Microsoft, for example a message asking the recipient to log in to the Office 365 administration center to update payment information.
Finally, Office 365 continues to grow in popularity with users and hence with hackers. Barracuda Networks discovered over 1.5 million malicious and spam emails sent from thousands of malicious accounts in just over a month earlier this year.