Services available through the Microsoft Office 365 suite, including SharePoint and OneDrive, are increasingly popular targets for phishing scams. (Microsoft)
Attackers are exploiting the rapid adoption of cloud-based collaboration services such as Microsoft’s SharePoint Online and OneDrive by leveraging them as a social engineering tool to trick users into clicking on malicious links, often for the purpose of wire fraud or supply chain fraud.
In an analysis this week, cybersecurity firm Proofpoint revealed that in the first half of 2020, it collected approximately 5.9 million email messages featuring malicious SharePoint Online and OneDrive links. While these emails constituted only about one percent of all messages containing malicious URLs, they represented more than 13 percent of all user clicks.
This report comes on top of another report this week that warned of similar tactics to steal a corporate user’s login credentials using Microsoft Teams.
Users were found to be seven times more likely to click on a malicious SharePoint or OneDrive link that’s hosted on a legitimate Microsoft domain. Recipients were four times more likely to click on a ShareP ..
Support the originator by clicking the read the rest link below.
