Retarus Press Release:

Retarus alert: Bogus Office 365 emails in circulation

Devious variant of phishing simulates password verification

Munich, 21.02.2018 // The security experts at Retarus are cautioning users about a particularly sneaky wave of phishing attacks: Personalized phishing mails with a deceptively realistic Microsoft design and layout are currently doing the rounds, amongst other things requesting recipients to enter and confirm their passwords. Retarus is therefore advising users to check any links contained in such messages with the utmost care. Additional protection is provided by special email security solutions which boast comprehensive filtering of phishing messages and the latest advanced threat protection functions.

The phishing email currently circulating has the subject line “Update Your Account Information To Avoid Service Suspension” and purports to be from the sender “Microsoft Office 365” (@office.com). In the email, recipients are instructed to update their user details stored with Microsoft Office 365. The link contained in the message leads to a website which resembles that of Microsoft with deceptive accuracy. The exceptional feature of this attack is that the email makes a credible impression by requesting that users enter their passwords twice for verification. The fraudulent emails moreover resemble the genuine message both optically and in terms of the contents. They are formulated using correct language and contain a plausible sender address as well as authentic logos, fonts and colors. Those entering their login details are opening their Office 365 accounts to the online fraudsters, including all data and documents that it contains.

Increased vigilance and advanced threat protection for optimum security

To safeguard against the dangers posed by these types of phishing attempts, increased vigilance and close attention to the plausibility of the message are essential. In the business environment, companies should sensitize their employees about dealing with emails that request user details without authorization. The linked destination address should be checked carefully. It is also possible to check the authenticity of the referenced website by means of the encryption symbol in the address field of the browser. For Microsoft Office 365 users, when in doubt it is advisable to enter the Microsoft web address manually into the browser and log into the customer area there.

In addition to raising awareness, professional email security services also assist in protecting companies from such phishing attacks. Specialized providers like Retarus augment their filter rules continuously ensuring that they remain updated at all times. At the same time, innovative mechanisms such as Retarus‘ Advanced Threat Protection examine all links contained in emails, for instance through time-of-click protection, each and every time they are clicked on and compare them in real-time with pertinent phishing databases. In this way, clicks made within dubious emails are intercepted effectively, while the user receives a security alert.

Screenshot Phishing Mail

About Retarus

Since 1992, Retarus has been supporting companies in achieving highly efficient communication. The global information logistics provider always plays an important role where large amounts of data need to be transmitted securely and reliably –– irrespective of which communication channels, interfaces, applications and devices are required. The services are soundly based on a Global Delivery Network which includes the company’s own data centres in Europe, the USA and the APAC region, as well as redundant carrier infrastructure. Half of all EURO STOXX 50 companies and 17 percent of Dow Jones corporations depend on Retarus’ services. Longstanding customers include Adidas, Bayer, Continental, DHL, DZ BANK, Honda, Linde, Osram, Puma, Sixt, Sony and Thomas Cook.

Press Contact Form

Download

Picture // 106 KB
The materials provided at this Web site are for use solely by the news media in articles or other news reports. You do not obtain any ownership right, title, or other interest in Retarus trademarks or copyrights by downloading, copying, or otherwise using these materials.

Always up-to-date

Retarus provides the latest news, information about events as well as reports on first-hand experiences from our customers and business innovators. Sign up for your free newsletter subscription now.

Contact for journalists

retarus GmbH
Global Headquarters
Media Relations
Aschauer Straße 30
81549 Munich
Germany
 
+49 89 5528-1400
+49 89 5528-1401

Choose your country or region.