Menu
Alert NZ service provider heads off Office 365 compromise

Alert NZ service provider heads off Office 365 compromise

Phishing attack foiled when service provider notices increased outbound mail

CERT NZ has released its first quarterly report of 2019.

CERT NZ has released its first quarterly report of 2019.

New Zealand's cyber security watchdog is reporting that an alert but unnamed IT service provider delivered sterling service to a business customer whose Office 365 account was compromised.

The attacker used the account to send thousands of phishing emails to the business’ clients, the Computer Emergency Response Team (CERT) said in its first quarterly report of 2019.

The compromised account belonged to an employee of the business, who had a large contact list. The attacker used their account to email their contacts a link to a document on a file hosting service, Microsoft OneDrive. 

If the recipient clicked on the link, they were taken to a legitimate-looking OneDrive login page asking them to enter their username and password.

"The page was fake and for every recipient who entered their username and password, the attacker was able to access their email account as well," CERT said.

"The scam went undetected for many recipients who clicked on the link and entered their details as it seemed like a regular download process.

The IT service provider noticed an unusually high volume of emails being sent and reported the attack to CERT.

"CERT NZ worked with the IT service provider and the business to alert those on the contact list, help the business secure their account, and prevent the attackers from sending further emails. 

"CERT NZ recommended the business set up two-factor authentication on their email and cloud service accounts to help prevent future compromise."

CERT NZ said it also received reports from the recipients of the phishing email who had followed the link and entered their username and password. It also provided them with assistance to help secure their accounts.

By helping to minimise the financial impact to the email recipients, CERT said it helped mitigate any potential negative impact on their reputation.

CERT said its counterpart organisation NCSC UK has produced an Office 365 guide, available on their website.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags phishingOffice 365CERT NZ

Featured

Slideshows

Reseller News Platinum Club celebrates leading partners in 2019

Reseller News Platinum Club celebrates leading partners in 2019

The leading players of the New Zealand channel came together to celebrate a year of achievement at the annual Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months.

Reseller News Platinum Club celebrates leading partners in 2019
Reseller News hosts alumnae breakfast for Women in ICT Awards

Reseller News hosts alumnae breakfast for Women in ICT Awards

Reseller News hosted its second annual alumnae breakfast for the Women in ICT Awards in New Zealand, designed to showcase the leading female leaders in the industry. Held at The Cordis in Auckland, attendees came together to hear inspiring keynotes and panel discussions, alongside high-level networking among peers. Photos by Gino Demeer.

Reseller News hosts alumnae breakfast for Women in ICT Awards
Reseller News Innovation Awards 2019: meet the winners

Reseller News Innovation Awards 2019: meet the winners

Reseller News honoured the standout players of the New Zealand channel in front of more than 480 technology leaders in Auckland on 23 October, recognising the achievements of top partners, emerging entrants and innovative start-ups.

Reseller News Innovation Awards 2019: meet the winners
Show Comments