Cybersafety: Regulators warn consumers against cyberattacks via Microsoft Office 365

*The State Criminal Police Office of North Rhine-Westphalia in Germany warns that cybercriminals are exploiting Microsoft Office 365, especially e-mail and document management, as an initial attack vector, noting the perpetrators are taking over e-mail accounts, and using them to send malicious e-mails with dangerous attachments and links

Gbenga Kayode | ConsumerConnect

A new wave of cyberattacks is threatening several companies in the digital ecosystem, in Germany.

The State Criminal Police Office of North Rhine-Westphalia in the European country warned that cybercriminals are exploiting Microsoft Office 365, especially e-mail and document management, as an initial attack vector.

The State Criminal Police Office, in a recent statement, disclosed the perpetrators are taking over e-mail accounts, and using them to send malicious e-mails with dangerous attachments and links.

According to the security agency, the attacks pose a risk to all the connected companies, customers and communication partners.

The Police said: “The e-mails appear legitimate, as they contain no language errors, but often include real past conversations.

“As soon as a recipient clicks on the links, the IT system can be immediately attacked, leading to data loss or theft of data, as well as further attacks such as phishing attacks.”

The statement also noted the cybercriminals were observed specifically searching the taken-over e-mail accounts for information from the early days of the COVID-19 crisis, particularly for VPN access data for non-public IT networks.

It was gathered this information allows the perpetrators to gain direct access to the companies’ IT infrastructure, and perpetrators can also access documents in the e-mails.

The country’s State Criminal Police Office stated: “Several companies have already been protected from further attacks, such as encryption by ransomware and the associated extortion.

“Otherwise, such cyberattacks regularly cause damages in the millions,” the police said in the press release.”

The Office further cautioned consumers: “If your company’s IT is affected by such Office 365 attacks, or if employees have clicked on suspicious links or entered their login data, there is a high risk to your IT systems.

“This also applies if files have been downloaded from well-known platforms or large cloud services providers.”

The Police also cautioned that cybercriminals constantly update their dangerous attachments, so existing virus scanners may not always be able to detect them.

Though the Police did not include any particular techniques or procedures that the hackers use or any detailed mitigations.

ConsumerConnect learnt Microsoft recently updated a guide on how to respond to compromised e-mail accounts.

Microsoft warned: “Even after the user regains access to their account, the attacker may have left backdoor entries that allow the attacker to continue control of the account.”

The Big Tech also recommended resetting the user’s password and enabling multi-factor authentication, among other measures.

It is recalled that Microsoft rebranded its Office Suite to the Microsoft 365 late 2022.