Office 365 Phishing Examples

Office 365 Phishing Examples

Office 365 Security

[UPDATED: 08/28/2018]

The bad guys have been targeting Microsoft Office 365 users lately with multiple phishing attacks. Below is a sample of what to be on the lookout for. I would recommend sending this article to your employees to improve security awareness.

Red flags

  • “From” email address is not a Microsoft address. Even if it does show a Microsoft address it could be spoofed.
  • It’s addressed to a generic person such as “Client” and not the recipient by name.
  • It doesn’t look polished as you would expect an email from Microsoft to be.
  • Sent with High Importance.
  • It contains an attachment. Microsoft will never send you an email with an attachment.
  • Involves a threat of data loss.
  • English may not be proper.
  • If you move your mouse on top of a link in the email without clicking in Outlook it will show where the link really goes (to the attacker’s web site).

I have highlighted these red flags in the samples below.

Sample Microsoft Office 365 Phishing Emails

 



 



 


 


 

 




-Tim

2017 Means Time for Improvements

2017 Means Time for Improvements

Uncategorized

Many new technologies were announced or rolled out in 2016. Others were on the market before but didn’t deliver as we hoped, were too expensive, or the industry hadn’t fully standardized on them yet. Now that 2017 is well underway and some of these technologies have shaken out, we are ready to put our recommendations forward to help you improve your IT infrastructure and your business.

Collaboration (Office 365)

We are big fans of Office 365. There is no other cloud based solution that offers so much for such a reasonable price. One of the top things we love about it is the constant new services that are rolled out for no additional charge. Two of these we really like are Teams and Planner.

Teams

Microsoft Teams is a brand new feature of Office 365. With Teams you can collaborate in a more social and fluid way than just email. It is a “chat based workspace” which allows employees to work together. You can create a group for Sales, Marketing, Finance,etc.. Inside each team would be a group chat from which you can add files, start on the fly video meetings,  or view team task lists (via Planner). You can also create channels inside each team to further focus discussions. For more information and to see it in action please Click Here and Here.

Planner

Microsoft Planner is a shared task list which makes keeping track of group tasks more efficient and visible. Planner allows you to assign, monitor, and manage tasks for individuals and groups. It is integrated with Microsoft Teams to centralize task management and group communication. For more information (video) please Click Here.

 

OneDrive & SharePoint

OneDrive and SharePoint have been around for a bit. OneDrive is Microsoft’s private cloud (e.g., Your ‘My Documents’ folder in the cloud) and SharePoint is the cloud version of a shared network drive. This is one of technologies that did not deliver as we had hoped. SharePoint had many problems with syncing which caused many a headache for us and our clients. Microsoft had know about this and has now released updated software which allows for both products to use the same, upgraded, software. Clients that have been using the new software have reported much improved results so we can now recommend it once again. OneDrive is a pretty universal win for all clients while SharePoint needs to be recommended on a case by case basis due to some remaining limitations. For more information Click Here (includes a short video).

  • Access to files and folders from anywhere in the world on any platform (Windows, Mac, phone, tablet)
  • Quickly and securely share documents with anyone either inside or outside the organization.
  • Utilize web based versions of Word, Excel, PowerPoint to edit documents.
  • Ability to work on document with multiple people at the same time.
  • Stores documents in the cloud instead of on local (possible aging servers). Internal power, internet, or system failures would not hamper access to documents.

 

Hardware

New Standards and Lower Costs

New technologies were announced in 2016 and others had significant price drops. It is looking like 2017 may be the year for computer upgrades of any 3-4 year old system. Let’s go through the tech and why you should care.

  • 7th Generation CPUs: Intel’s new 7th generation processors allow for much improved video playback, longer battery life for laptops, and the use of new memory/storage technologies just coming on the market.
  • Solid State Drives (SSD):  While on the market for a few years 2016/2017 has shown the price of SSDs come down while performance and capacity increase. By replacing spinning disks you speed up your computer and lower the risk of data loss.
  • Monitors and DisplayPort (DP): The old VGA connection is going away fast and DP is the replacement. Better images and ability to connect multiple monitors are the key improvements here. DP enabled monitors have also come down in price where they are now our standard.
  • USB Type C: How many times have you tried to plug a USB based device in only to have to flip it over to put it in the right way. USB Type C fixes that annoyance as well as a whole bunch of speed and capability improvements.

Security

Windows 10

90-95% of our clients’ computer infrastructures have been migrated to Windows 10. We can comfortably say that if you have a Windows 7/8 based computer it is time for an upgrade. Multiple new features have been rolled out since it was released and it looks like each one make this product better. Much improved security features as well as better performance and stability make this a must have upgrade.

Cloud User Accounting Services (Azure AD)

With Windows 10 Professional we can now create a single sign on experience between Office 365 and the employee’s desktop. By utilizing this feature your email address and password would also be used to access your desktop. The benefits to Azure Active Directory synchronization are:

  • Streamlined employee onboarding and termination.
  • Improved security via password expiration and enforcement policies.
  • Easier for employees (one login and password).
  • Single Sign On (SSO) ability with various 3rd party websites such as SalesForce.
  • Moves user authentication services from aging onsite server or local account to the cloud.