A new Phishing scam involving a VPN configuration email to trick Microsoft 365 users from giving their credentials away. This time scammers have found a creative way to trick people seeking online privacy, security and anonymity. The latest scam involves the prominent use of VPNs by remote workers. Scammers are sending relevant phishing emails in order to steal Microsoft 365 credentials.
The new scam was discovered by researchers at Abnormal Security. In their blog post, Abnormal Security mention that the attackers impersonate a notification email from the company’s IT support. The sender’s email address is spoofed, and the email contain a link to a new VPN configuration for home access. It turns out that the hyperlink actually directs the user to an Office 365 credential phishing site. Therefore, if people fall for this attack, then their credentials would be compromised.
However, there are ways to stop scams like this from succeeding. Here are two important things to take away to avoid yourself from falling into the trap.
- Activate Microsoft 365 Multi-factor authentication- By adding in Multi-authentication layers to your accounts means that scammers will not be able to steal your credentials.
- Educate users – Take time in teaching your employees on the red flags that a phishing email would contain, and educate them on cyber threats. Cyber security training programs help minimise the risk.
Therefore to help you out, we’ve listed out the red flags you need to look out for in order to avoid falling for the trap.
How to spot a Phish?
Here are the red flags you need to watch out for whenever you receive an email.
- From Field – Do I know the sender? Do I normally communicate with the sender? Is the email from a suspicious domain? If in doubt, don’t open it.
- Attachment – Were you expecting to receive an attachment? Do you normally receive attachments from the sender? What type of file is attached? If in doubt, don’t open the attachment.
- Subject Line – Does the subject line create a sense of urgency? Does the subject line match the email content?
- Use of Language – Do you have an account or association with the company? Does the email contain obvious spelling or grammatical errors?
- Hyperlinks – Is the test of the link the same as the destination? Does the link include incorrect spelling or modified version of a known URL? If in doubt, do not click on the link. Verify the link by calling the sender.
Siccura Cybershield is the most interactive Cyber security training awareness program. With a philosophy as simple as Test. Aware. Engage, we’ll help you:
- Test your employees and IT defences by playing the role of an attacker.
- Make your employees aware of the types of attacks such as Phishing, Vishing, Ransomware and more
- Engage your employees by sharpening their knowledge, and teaching them how to combat threats.
Through the training program, we’ll help you turn your employees into a Human Cybershield ready to defend your business.