Welcome to #WeekendWisdom number 77. This week we’re going to talk about Malicious Office 365 Apps.
Where did this story come from?
This week, Brian Krebs from Krebsonsecurity published an article. In this article he was showing how researchers have found that cybercriminals are sending very, very specific links to people with office 365 accounts. Now when you click these links it prompts people to sign in with the user ID and password for their actual Microsoft 365 account.
What are these Malicious Office 365 Apps doing?
Now it’s not stealing their credentials, but what it is trying to do then it’s going to get them to install a malicious app that’s associated with their Microsoft Office 365 account. So it will pop-up and say “Can you give me permissions to do all these things” and here is an example of one of these permissions lists.
What can they do with all of that?
Now these are quite extensive and they basically gives the people who control that app the ability to read and respond to emails associated with that individual. So it’s really, really sneaky. Even if the person goes and changes their password or resets their password, that malicious app is there. They still have access, even passed the password change. It’s really incredibly clever.
What can you do to protect yourself
Now Microsoft do provide solutions now to prevent that for administrators to be able to block that from being able to happen. There’s full details in the Krebs article. So make sure you take actions to try and prevent these things from happening in your Office 365 account.
So that’s it for this week. Lets be careful out there and we’ll talk to you again next week.
How can L2 Cyber Security help you?
We offer a full range of training programmes, which can be delivered online or in-person*.
L2 Cyber Security are also a partner of CyberRiskAware for online self-directed Cyber Security Awareness training and Phishing testing.
Contact us for more information at info@L2CyberSecurity.com.
*With appropriate social distancing and other health and safety measures adhered to.