Alert NZ service provider heads off Office 365 compromise

Phishing attack foiled when service provider notices increased outbound mail

CERT NZ has released its first quarterly report of 2019.

New Zealand's cyber security watchdog is reporting that an alert but unnamed IT service provider delivered sterling service to a business customer whose Office 365 account was compromised.

The attacker used the account to send thousands of phishing emails to the business’ clients, the Computer Emergency Response Team (CERT) said in its first quarterly report of 2019.

The compromised account belonged to an employee of the business, who had a large contact list. The attacker used their account to email their contacts a link to a document on a file hosting service, Microsoft OneDrive. 

If the recipient clicked on the link, they were taken to a legitimate-looking OneDrive login page asking them to enter their username and password.

"The page was fake and for every recipient who entered their username and password, the attacker was able to access their email account as well," CERT said.

"The scam went undetected for many recipients who clicked on the link and entered their details as it seemed like a regular download process."

The IT service provider noticed an unusually high volume of emails being sent and reported the attack to CERT.

"CERT NZ worked with the IT service provider and the business to alert those on the contact list, help the business secure their account, and prevent the attackers from sending further emails. 

"CERT NZ recommended the business set up two-factor authentication on their email and cloud service accounts to help prevent future compromise."

CERT NZ said it also received reports from the recipients of the phishing email who had followed the link and entered their username and password. It also provided them with assistance to help secure their accounts.

By helping to minimise the financial impact to the email recipients, CERT said it helped mitigate any potential negative impact on their reputation.

CERT said its counterpart organisation NCSC UK has produced an Office 365 guide, available on their website.

