Police warn of cyber attacks on Office 365
The State Criminal Police Office of North Rhine-Westphalia warns of potential cyberattacks on Office 365, particularly via the Outlook email program and document management. Current investigations show that these attacks not only endanger companies, but also their customers. The perpetrators aim to take over email accounts and send malicious attachments or links in the name of companies. These phishing emails often appear authentic because they contain real conversations.
Theft of VPN access data
Clicking on the dangerous links can make IT systems vulnerable and cause data outflows. Cybercriminals are specifically searching email accounts for information from the early days of the coronavirus pandemic, when many employees were working from home. They are particularly interested in VPN access data to non-public IT networks. With this information, the attackers can gain direct access to the company’s IT infrastructure and access documents in the emails.
Investigations and protective measures
According to a press release from the LKA NRW, the investigations have already saved a number of companies from further attacks such as ransomware encryption and the associated blackmail. Cyberattacks of this kind regularly cause damage running into millions. The LKA emphasizes the importance of comprehensive security concepts and raising employee awareness.
Affected companies are advised to contact the cybercrime hotline at 0211/939-4040 or contact the Cybercrime Competence Center at cybercrime.lka@polizei.nrw.de. A general overview of the “Central Cybercrime Contact Points of the State and Federal Police” for companies is also available.
Official security recommendations from Microsoft
Microsoft has recently updated its guidance on how users can prevent their email accounts from being compromised. The company strongly recommends activating multi-factor authentication. According to Microsoft, possible signs of a compromised account are frequent password changes, missing or deleted emails, a newly set up email forwarding or problems when sending emails. You can find the official announcement here: https://learn.microsoft.com/de-de/defender-office-365/responding-to-a-compromised-email-account
More news
Social engineering – 6 tips on how companies can protect themselves
No matter how good the technical security precautions in companies are: The human factor is often the weakest link in the security chain. In social engineering, cyber criminals exploit this potential vulnerability by faking a personal relationship with the victim in order to carry out their criminal activities. How do you recognize social engineering and how can companies protect themselves and their employees?
Critical Outlook vulnerability discovered (February 2024)
In February 2024, security researchers discovered a vulnerability in Microsoft Outlook and classified it as critical. You can read everything you need to know as a user here.
Bitcoin Halving 2024 : Danger from phishing mails on the rise
More and more cases of crypto phishing! The reason is the high Bitcoin price and the upcoming Bitcoin Halving 2024.
Digital document management system – Find out everything you need to know about DMS.
The efficient management of digital documents is a necessity in the modern working world. A digital document management system (or “DMS” for short) is therefore becoming a must-have for companies – and not just for corporations, but also for SMEs. In this article, you will find out what a digital document management system actually is, what functions it fulfills and what advantages it can offer your company.
Managed IT services: Is it worth it for my company? Can I simply outsource my IT?
Managing and monitoring their IT poses challenges for many companies. There is a lack of resources to set up an in-house support team that is up to the task. Managed IT services offer one solution, with external specialists taking over individual IT sub-areas through to complete IT operations. Find out here what Managed IT Services actually are, what advantages they offer and whether the model is also worthwhile for you.