Hackers target Office 365 business accounts

New research from Barracuda has revealed that account takeover attacks are one of the fastest growing email security threats as hackers set their sights on Microsoft Office 365 accounts.

The IT security company recently analyzed account takeover attacks targeted at its customers to discover that 29 percent of organizations had their Office 365 accounts compromised by hackers in March of this year.

In March alone, over 1.5m malicious and spam emails were sent from hacked Office 365 accounts highlighting the potential impact this security threat poses.

Hackers executed the account takeover attacks using a variety of methods including reusing stolen credentials, brute-force attacks, social engineering, phishing and even SMS to trick their victims into providing their account details.

Account takeover attacks

Office 365 account takeover attacks begin with infiltration and many hackers impersonate Microsoft and other large firms as a means of tricking users into disclosing their login credentials. In fact, Microsoft is the most impersonated brand in the world with 1 in 3 attacks impersonating the company.

Once an account has been compromised, hackers rarely launch an attack straightaway. Instead, they monitor email and track activity in the company to help maximize their chances of executing a successful attack.

One trick that scammers use to avoid detection is setting up mailbox rules to hide or delete any emails they send from the compromised account. According to Barracuda's March 2019 analysis, hackers set up malicious rules to hider their activity in 34 percent of the nearly 4,000 compromised accounts.

After the reconnaissance has been completed, cybercriminals use the harvested credentials to target other high-value accounts in an organization with executives and finance department employees being prime targets. They also use compromised accounts to monetize attacks by stealing personal, financial and confidential data to use it to commit identity theft, fraud and other crimes.

To protect your business from account takeover attacks, Barracuda recommends using AI to scan your emails, deploying account takeover protection, using multi-factor authentication, monitoring inbox rules and suspicious logins and training employees to recognize and report attacks.

How It works

Search Crack for

Latest IT News

Jun 1
Zoom is working on a plan to strengthen encryption for its paid and enterprise customers.
Jun 1
Beacon is part of the trillion-dollar freight forwarding industry in the UK.
Jun 1
One of the most popular desktop trading platforms is now available on the web.
May 30
ExpressVPN's latest survey highlights consumer concerns that contact tracing apps violate their privacy and could lead to mass surveillance.
May 30
The cost of launching collision attacks against SHA-1 has come down significantly making the encryption algorithm more vulnerable.
May 29
Grab the right tools to get web development done without breaking a sweat, covering everything from design and coding platforms.
May 29
David Plummer created Task Manager some 25 years ago, and has some pretty nifty tips for the app.

Latest cracks