Threat Actors Targeting Orgs through Microsoft 365 Collaboration Features Says Fortra

Fortra Intelligence and Research Experts (FIRE) are tracking phishing activity embedded within Microsoft 365 collaboration features such as Outlook Groups, shared files, and calendars. Attackers are using these trusted workflows to introduce seemingly routine updates or meetings that lead users toward risky actions.

In the attacks, victims are targeted through repeated exposure. The user is not expected to take action with the initial email, but rather, see the tentative meeting, open the event, review the description, click a link, or open a referenced file, making it critical for security teams to monitor collaboration activity holistically. Organizations that fall victim could experience credential theft, data exposure, service disruption, and more. 

Read details from the FIRE team here: https://www.fortra.com/blog/phishing-through-collaboration

Leave a Reply

Discover more from The IT Nerd

Subscribe now to keep reading and get access to the full archive.

Continue reading