Check Point’s Harmony Email & Collaboration team reported on October 2 that they identified over 5,000 emails impersonating Microsoft product notifications, which pose a risk of email extortion. These emails are notable for their professional design and inclusion of legitimate links.
This announcement aligns with Cybersecurity Awareness Month, underscoring the persistent dangers of phishing attacks.
### Email Scam Campaign Noteworthy for Its Professional Look
The fraudulent emails originate from “organizational domains impersonating legitimate administrators,” giving the impression that they are sent by an internal administrator, colleague, or business partner. They link to genuine Microsoft or Bing pages, complicating the detection of the scam even for vigilant employees who typically check for suspicious URLs.
Check Point cautioned that logging into these fake emails, and thus providing attackers with login credentials, can result in account takeovers, ransomware, data theft, and other detrimental outcomes. The team, however, did not disclose whether any individuals had fallen victim to the scam thus far.
In its 2023 findings, Check Point identified Microsoft as the most commonly spoofed brand in phishing attempts, followed by Apple, Google, Wells Fargo, and Amazon.
### Tips to Protect Yourself from Account Information Scams
Employees are encouraged to reach out directly to colleagues or administrators if they suspect an email may be fraudulent. If a request to share a folder or collaborate through business software is unexpected, it’s wise to confirm the email’s legitimacy with the person before acting on it.
Additionally, watch for misspellings or awkward phrasing, although the recent scheme identified by Check Point cleverly circumvents this by copying and pasting actual Microsoft privacy policy statements. The traditional notion that suspicious emails always contain errors is no longer reliable; attackers have adapted and often utilize correct grammar and polished language, aided by generative AI.
### Expert Recommendations for Cybersecurity
– Ensure operating systems and applications are up-to-date, as security patches often guard against the latest vulnerabilities.
– Use email providers with effective anti-spam filters.
– IT administrators should conduct regular training sessions to raise employee awareness about evolving scam techniques.
### Essential Security Precautions
Be vigilant with emails that seem to originate from major companies like Microsoft but do not fit the normal interaction pattern. Fortinet suggests employing technical measures, including reverse IP address lookups and auditing email accounts with the Domain-based Message Authentication Reporting & Conformance protocol.
Email administrators should configure mail servers to prevent unauthorized users from connecting directly to the SMTP port. Additionally, requiring that SMTP connections from outside your firewall funnel through a central mail hub can enhance the ability to trace and address email spoofing incidents within an organization.
