Microsoft issues alert to Office 365 users to be on the lookout for phishing email
Microsoft's Security Intelligence team has issued an alert to Office 365 users and admins to be on the lookout for a "crafty" phishing email with spoofed sender addresses
The best cybersecurity certification: Deepen your knowledge
Cybersecurity certifications can help you get your foot in the door into what has fast become an industry with a high demand for skilled staff. Here is how to get started.
Microsoft put out an alert after observing an active campaign targeting Office 365 organizations with convincing emails and several techniques to bypass phishing detection, including an Office 365 phishing page, Google cloud web app hosting, and a compromised SharePoint site that urges victims to type in their credentials.
SEE: Network security policy (TechRepublic Premium)
"An active phishing campaign is using a crafty combination of legitimate-looking original sender email addresses, spoofed display sender addresses that contain the target usernames and domains, and display names that mimic legitimate services to try and slip through email filters," the Microsoft Security Intelligence team said in an update.
"The original sender addresses contain variations of the word "referral" and use various top-level domains, including the domain com[.]com, popularly used by phishing campaigns for spoofing and typo-squatting."
Join the Conversation on Linkedin | About PEO Compass
The PEO Compass is a friendly convergence of professionals and friends in the PEO industry sharing insights, ideas and intelligence to make us all better.
All writers specialize in PEO business services such as Workers Compensation, Mergers & Acquisitions, Data Management, Employment Practices Liability (EPLI), Cyber Liability Insurance, Health Insurance, Occupational Accident Insurance, Business Insurance, Client Company, Casualty Insurance, Disability Insurance and more.
To contact a PEO expert, please visit Libertate Insurance Services, LLC and RiskMD.