Imagine you’re going through your Office 365 email account and you come across a thread in your sent folder that does not look familiar. You see correspondence between you and another person, yet you don’t remember ever sending them.
This situation happened to one of our customers yesterday. As a sales representative at a reseller company, this customer’s day-to-day operations include requesting product shipment from distributors to then ship to end-users. Yesterday morning, by chance, he came across an exchange of emails from his account to a distribution company requesting an order of 22 laptop computers. Upon request, the distributor processed the order and shipped the laptops to an address in another state. By the time he discovered these hidden emails, the laptops had already been shipped and delivered. This order came to a grand total of $45,000, expected to be paid by our customer’s company.
Microsoft Office 365 is the world’s most popular business platform, leading the market in cloud-based productivity. According to Microsoft’s Q1 results for 2019, O365 now has over 155 million active users.
Although Microsoft has been diligent about building security features into its flagship product, its very popularity makes it a ripe target for sophisticated hackers. And spoofing scams like the one that befell our client is exactly the type of breach that can slip between the cracks. In fact, Barracuda Networks reports that 29 percent of organizations’ O365 accounts were hacked in March 2019.
Now, it doesn’t help that Microsoft is number one on the list of most impersonated brands. When a hacker spoofs Microsoft, a user may receive an email requesting a security update or a password change. The user is led to the fraudulent website, log-in credentials are requested and the elaborate account takeover begins.
When the hacker gains the log-in for an O365 account, they then have entry to all of its cloud-based applications, contacts, data and more, allowing them access to more sensitive content than people may realize. One compromised user account can give an intruder access to all of a user’s contacts’ information, too. Hackers then have the ability to impersonate the user, emailing their associates and customers to gain their sensitive information as well. This is exactly what had happened to our customer in the scenario above.
Insurance Company Beazley reports that one of their clients fell victim to an Office 365 email breach through a widespread phishing campaign, using the Microsoft impersonation technique as well. A forensic investigation revealed that over 100 accounts were compromised. As a result, the company spent nearly $2.1 million in legal fees, forensic costs, programmatic review and credit monitoring.
As a managed service provider, Datalink Networks migrates companies over to O365 on a regular basis. In fact, we even deploy the service in our own office environment. Regardless, we always advise our own clients to add extra layers of security to keep their company emails and data protected.
We always recommend that our O365 customers add on the Total Email Protection bundle from Barracuda Networks, to provide a multi-layered and multi-angled approach to security. Here’s how the products work:
- Barracuda Essentials: This comprehensive spam filter protects both inbound and outbound emails against spam, phishing and viruses—all in a real time environment. The outbound feature is important in that it can prevent outbound attacks that originate from within the network—that way it protects both you and your contacts information from being compromised.
- Barracuda Sentinel: Unlike traditional email filters, this artificial intelligence system works from inside your users’ email accounts to learn and identify historical trends and the people from within your organization. Sentinel’s sophisticated learning process catches account takeover attempts, brand fraud and email impersonation before they reach your users.
- Barracuda PhishLine: Because of the prevalence and sophistication of social engineering scams like phishing, your own employees are your biggest security risk. PhishLine’s preparatory defense model educates and exposes your staff to email attack techniques that today’s hackers most commonly use. The continuous simulation training will enable users to recognize attacks, preventing fraud and data loss before the damage is done.
If you are an O365 user, you can take advantage of Barracuda’s no-cost no-obligation email threat scanner. This free service scans O365 accounts to identify dormant threats in existing emails and evaluate potential exposure to new threats. After the scan, representatives from Barracuda and Datalink Networks will provide you with a personalized threat report, go over the results with you, and advise on ways to mitigate your vulnerabilities.
Let the Datalink and Barracuda partnership help get your email protected and keep your data safe.