Microsoft Office 365 account-takeover attacks represent "one of the fastest growing email security threats," according to application delivery, data protection and security solutions provider Barracuda Networks.
Approximately 29 percent of organizations had their Office 365 accounts compromised by hackers in March, an analysis of account-takeover attacks targeted at Barracuda Networks customers revealed. The analysis also showed more than 1.5 million malicious and spam emails were sent from hacked Office 365 accounts.
Office 365 Account-Takeover Attacks: Here's What MSSPs Need to Know
Cybercriminals use Office 365 account-takeover attacks to learn how a company operates, how it uses email signatures and how it handles financial transactions, Barracuda said. With this information, cybercriminals then can launch successful attacks and harvest additional login credentials for other accounts.
Office 365 account-takeover attacks generally begin with social-engineering tactics to lure email recipients to a phishing website, Barracuda noted. After an Office 365 account is compromised, hackers can track company activities and use harvested credentials to target other high-value accounts.
Furthermore, hackers use compromised Office 365 accounts to steal personal, financial and confidential data and use it to commit identity theft, fraud and other crimes, according to Barracuda. Hackers also use these accounts to launch cyberattacks targeting a company's partners and customers.
How to Guard Against Office 365 Account-Takeover Attacks
Barracuda offers the following recommendations to help organizations guard against Office 365 account-takeover attacks:
- Use Artificial Intelligence (AI): Implement AI-based cybersecurity tools to spot anomalies that may indicate an Office 365 account-takeover attack.
- Leverage Account-Takeover Protection Technologies: Deploy technologies that recognize when accounts have been compromised and remediate such issues in real time.
- Implement Multi-Factor Authentication (MFA): Use MFA tools to deliver security that extends beyond a username and password.
- Track Suspicious Activities: Leverage security technologies to monitor logins from unusual locations and other suspicious activities.
- Educate Employees: Teach employees about spear-phishing attacks and perform phishing simulations to test workers' ability to identify and respond to these attacks.
MSSPs also can help organizations keep pace with Office 365 account-takeover attacks. They can provide security services to address Office 365 attacks, and in doing so, ensure organizations are protected against phishing attacks and other email security threats.