Retarus Press Release:
Retarus alert: Bogus Microsoft 365 emails in circulation
Devious variant of phishing simulates password verification
Milano, 21.02.2018 // The security experts at Retarus are cautioning users about a particularly sneaky wave of phishing attacks: Personalized phishing mails with a deceptively realistic Microsoft design and layout are currently doing the rounds, amongst other things requesting recipients to enter and confirm their passwords. Retarus is therefore advising users to check any links contained in such messages with the utmost care. Additional protection is provided by special email security solutions which boast comprehensive filtering of phishing messages and the latest advanced threat protection functions.
The phishing email currently circulating has the subject line “Update Your Account Information To Avoid Service Suspension” and purports to be from the sender “Microsoft 365” (@office.com). In the email, recipients are instructed to update their user details stored with Microsoft 365. The link contained in the message leads to a website which resembles that of Microsoft with deceptive accuracy. The exceptional feature of this attack is that the email makes a credible impression by requesting that users enter their passwords twice for verification. The fraudulent emails moreover resemble the genuine message both optically and in terms of the contents. They are formulated using correct language and contain a plausible sender address as well as authentic logos, fonts and colors. Those entering their login details are opening their Microsoft 365 accounts to the online fraudsters, including all data and documents that it contains.
Increased vigilance and advanced threat protection for optimum security
To safeguard against the dangers posed by these types of phishing attempts, increased vigilance and close attention to the plausibility of the message are essential. In the business environment, companies should sensitize their employees about dealing with emails that request user details without authorization. The linked destination address should be checked carefully. It is also possible to check the authenticity of the referenced website by means of the encryption symbol in the address field of the browser. For Microsoft 365 users, when in doubt it is advisable to enter the Microsoft web address manually into the browser and log into the customer area there.
In addition to raising awareness, professional email security services also assist in protecting companies from such phishing attacks. Specialized providers like Retarus augment their filter rules continuously ensuring that they remain updated at all times. At the same time, innovative mechanisms such as Retarus‘ Advanced Threat Protection examine all links contained in emails, for instance through time-of-click protection, each and every time they are clicked on and compare them in real-time with pertinent phishing databases. In this way, clicks made within dubious emails are intercepted effectively, while the user receives a security alert.
Informazioni su Retarus
Con le sue soluzioni e servizi eccellenti, l'infrastruttura intelligente e la tecnologia brevettata, Retarus gestisce le comunicazioni per aziende di tutto il mondo. Le tecnologie all’avanguardia, i data center sempre disponibili e l’innovativa piattaforma di cloud messaging di Retarus offrono la massima sicurezza, prestazioni di qualità superiore e continuità dei processi aziendali. L’esperienza di Retarus nella gestione dei flussi di informazioni a livello aziendale, sviluppata dal 1992 e mantenuta da 19 filiali in quattro continenti, assicura che tutte le informazioni arrivino in totale sicurezza e con la massima affidabilità al momento giusto, nel posto giusto e nel formato giusto. Ai servizi di Retarus si affidano il 41% delle aziende S&P Global 100. Tra i clienti di lunga data, Retarus vanta: Adidas, Autostrada del Brennero, Adecco, Bayer, BNP Paribas, Bosch, Continental, DHL, Feralpi Group, Fiat, Fujitsu, Galbani, Goldman Sachs, Grandi Salumifici Italiani, Lactalis, Linde, Mondi Group, Puma, Sony, Stellantis e Zeiss.