Tag Archives: Office 365

When Phishing Starts from the Inside

A growing concern of security professionals is internal phishing attacks – phishing emails sent from one trusted user to another of the same organization. Internal phishing emails are used in multi-stage attacks in which an email account is owned either by controlling the users device with previously installed malware or by compromising the account credentials of the user. Internal phishing emails are used in both targeted attacks, where the aim is to steal information or commit extortion, and common with Business Email Compromise (BEC) schemes designed to steal money. Because the sender is an internal and trusted user, the recipient is more likely to take action on the email. Continue reading

Dealing with ransomware in Office 365

pastedgraphic-1-kopieGoogle Docs, iWork, Office 365, … The number of organizations that has made the switch from local mail servers to a cloud-based collaboration offering, is growing at an increasing pace.

The reasons for switching are clear: no investments upfront because you pay as you add users, no personnel required for imaging your infrastructure, easier access from anywhere, … you can probably come up with some extra reasons as well. Continue reading