We take a look at the recent worrying development where phishing emails are now prompting users to also add their One Time Passwords, and how to protect yourself and your business.

Multi Factor Authentication

Hands On IT Services have always championed Multi Factor Authentication (MFA), as it is the best way to secure your Microsoft 365 accounts. Until now, phishing attacks have concentrated on accounts without the protection of MFA, but this is changing.

Phishing emails are now also requesting the additional One Time Password, which means that extra awareness is critical: by providing the username, password and One Time Password, users are handing over complete control of their accounts, which will mean:

– Access to any stored email that has ever been sent or received.

– The ability to send and receive new emails as that user.

– Configuration of Outlook rules designed to hide any ongoing conversations with existing clients or suppliers from the real user.

– The ability to reset passwords on any other cloud service where that company email address is used as the password-reset address.

– All company SharePoint and OneDrive data that the user has access to.

– Every Teams conversation that has taken place.

– The ability to send and receive messages on Teams.

– Plus any other function the user has access to.
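The Outlook rule abuse in the list above is one of the few follow-up actions that leaves a clear trace: rule creation is written to the Microsoft 365 audit log. The script below is an added example, not part of the original article or of Hands On IT Services' tooling. It scans constructed audit records (the field names CreationTime, Operation, UserId, ClientIP and the Parameters name/value list are assumed to follow the Exchange audit record format) and flags rules whose actions delete, hide, mark as read or forward mail, the pattern used to conceal conversations with clients and suppliers.

```python
"""Flag Microsoft 365 audit-log events in which a mailbox rule is created or
changed so that it hides or diverts mail, a common follow-up to a phished
account. Added example; the SAMPLE_AUDIT_DATA records are constructed."""
import json

# Rule actions that stop the mailbox owner seeing replies, or leak them elsewhere.
HIDING_ACTIONS = {
    "DeleteMessage", "MoveToFolder", "MarkAsRead",
    "ForwardTo", "ForwardAsAttachmentTo", "RedirectTo",
}
RULE_OPERATIONS = {"New-InboxRule", "Set-InboxRule"}


def params_to_dict(parameters):
    """Turn the record's Parameters list ([{"Name": .., "Value": ..}]) into a dict."""
    return {p.get("Name"): p.get("Value") for p in parameters or []}


def suspicious_rule_events(records):
    """Return one finding per rule event that uses a hiding or forwarding action.

    Each finding carries the user, rule name, matching actions, client IP and
    time so an analyst can pivot to the sign-in logs for that IP.
    """
    hits = []
    for rec in records:
        if rec.get("Operation") not in RULE_OPERATIONS:
            continue  # not a rule event (e.g. Set-Mailbox): ignore
        params = params_to_dict(rec.get("Parameters"))
        # A parameter explicitly set to "False" is not an active action.
        actions = sorted(
            a for a in HIDING_ACTIONS
            if a in params and str(params[a]).lower() != "false"
        )
        if actions:
            hits.append({
                "time": rec.get("CreationTime"),
                "user": rec.get("UserId"),
                "rule": params.get("Name"),
                "actions": actions,
                "client_ip": rec.get("ClientIP"),
            })
    return hits


def scan_audit_json(lines):
    """Parse one JSON audit record per line and return the findings."""
    return suspicious_rule_events(json.loads(line) for line in lines)


# Constructed sample: one attacker-style rule (single-character name, invoice
# keywords, mail moved out of sight and marked read), one benign rule, one
# unrelated operation.
SAMPLE_AUDIT_DATA = [
    json.dumps({"CreationTime": "2024-01-15T08:12:03", "Operation": "New-InboxRule",
                "UserId": "alice@example.com", "ClientIP": "203.0.113.45",
                "Parameters": [{"Name": "Name", "Value": "."},
                               {"Name": "SubjectContainsWords", "Value": "invoice;payment"},
                               {"Name": "MoveToFolder", "Value": "RSS Subscriptions"},
                               {"Name": "MarkAsRead", "Value": "True"}]}),
    json.dumps({"CreationTime": "2024-01-15T09:00:00", "Operation": "New-InboxRule",
                "UserId": "bob@example.com", "ClientIP": "198.51.100.7",
                "Parameters": [{"Name": "Name", "Value": "Flag newsletters"},
                               {"Name": "FromAddressContainsWords", "Value": "newsletter"},
                               {"Name": "ApplyCategory", "Value": "Reading"}]}),
    json.dumps({"CreationTime": "2024-01-15T09:30:00", "Operation": "Set-Mailbox",
                "UserId": "carol@example.com", "ClientIP": "198.51.100.9",
                "Parameters": [{"Name": "Identity", "Value": "carol"}]}),
]

if __name__ == "__main__":
    for finding in scan_audit_json(SAMPLE_AUDIT_DATA):
        print(finding)
```

MoveToFolder on its own is noisy, because users legitimately file mail into folders; in practice you would tune on the destination folder (RSS Subscriptions, Archive, Deleted Items and similar are the usual hiding places) and on rule names that are a single character or blank, then correlate the client IP with the user's sign-in history.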

High Risk Of Fraud

The potential for fraud is exceptionally high. A malicious party can send a mass mail from the user's account, broadcasting to all your contacts that you have been hacked. At this stage we would perform a lockdown whilst you handled all the phone calls and concerns from your customers. More sophisticated attackers will observe what kind of data the account has access to and try to identify what kind of fraud could be committed.

This type of attack is especially dangerous: a ransom could be demanded under threat of your data being leaked, a false payment could be requested from customers or clients, and any personally identifiable data obtained could be used to commit further fraud.

Ways To Protect Yourself

– Please do instruct your end users to be suspicious of any link that asks them to log in.

– No large organisation should contact you directly asking you to do this unless you have contacted them first.

– If at all unsure, open a new web session, browse to that company's website yourself and log in independently of the link in the original email.

– We highly recommend forwarding this page to all your end users to highlight this risk.

What To Do Next

Please take a look at our articles below for more information on phishing attacks and if you would like to speak to us directly regarding the safety of your organisation please call us on 020 8649 9911 or email us at info@hoc.co.uk.
