Menu
Alert NZ service provider heads off Office 365 compromise

Alert NZ service provider heads off Office 365 compromise

Phishing attack foiled when service provider notices increased outbound mail

CERT NZ has released its first quarterly report of 2019.

CERT NZ has released its first quarterly report of 2019.

New Zealand's cyber security watchdog is reporting that an alert but unnamed IT service provider delivered sterling service to a business customer whose Office 365 account was compromised.

The attacker used the account to send thousands of phishing emails to the business’ clients, the Computer Emergency Response Team (CERT) said in its first quarterly report of 2019.

The compromised account belonged to an employee of the business, who had a large contact list. The attacker used their account to email their contacts a link to a document on a file hosting service, Microsoft OneDrive. 

If the recipient clicked on the link, they were taken to a legitimate-looking OneDrive login page asking them to enter their username and password.

"The page was fake and for every recipient who entered their username and password, the attacker was able to access their email account as well," CERT said.

"The scam went undetected for many recipients who clicked on the link and entered their details as it seemed like a regular download process.

The IT service provider noticed an unusually high volume of emails being sent and reported the attack to CERT.

"CERT NZ worked with the IT service provider and the business to alert those on the contact list, help the business secure their account, and prevent the attackers from sending further emails. 

"CERT NZ recommended the business set up two-factor authentication on their email and cloud service accounts to help prevent future compromise."

CERT NZ said it also received reports from the recipients of the phishing email who had followed the link and entered their username and password. It also provided them with assistance to help secure their accounts.

By helping to minimise the financial impact to the email recipients, CERT said it helped mitigate any potential negative impact on their reputation.

CERT said its counterpart organisation NCSC UK has produced an Office 365 guide, available on their website.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags phishingOffice 365CERT NZ

Featured

Slideshows

Malwarebytes shoots the breeze with channel, prospects

Malwarebytes shoots the breeze with channel, prospects

A Kumeu, Auckland, winery was the venue for a Malwarebytes event for partner and prospect MSPs - with some straight shooting on the side. The half-day getaway, which featured an archery competition, lunch and wine-tasting aimed at bringing Malwarebytes' local New Zealand and top and prospective MSP partners together to celebrate recent local successes, and discuss the current state of malware in New Zealand. This was also a unique opportunity for local MSPs to learn about how they can get the most out of Malwarebytes' MSP program and offering, as more Kiwi businesses are targeted by malware.

Malwarebytes shoots the breeze with channel, prospects
EDGE 2019: Channel forges new partnerships during evening networking

EDGE 2019: Channel forges new partnerships during evening networking

Partners, vendors and distributors reconnected during a number of social gatherings during EDGE 2019. The first evening saw the channel congregate for a welcome party at the Hamilton Island yacht club, while the main poolside proved to be the perfect stop for a barbecue on the final night.

EDGE 2019: Channel forges new partnerships during evening networking
Show Comments