Cloud Security service offering company ‘Avanan’ has discovered that business email users of Microsoft Office 365 are vulnerable to a phishing cyber attack. The company discovered the vulnerability using a Punycode and found that more than half of the business email users of the said premium office software have become victims of the phishing malware.
Technically speaking, the malware is capable of going undetected by both Microsoft’s security and desktop email filters and has the potential to leak user credentials of Office 365 users. The biggest concern is that the malware code is said to have the ability to abuse the vulnerability of anti-phishing programs and URL-reputation security layers.
What’s even more apprehensive is the fact that as soon as the credentials are obtained, the victim’s Office 365 account of users can easily go into the hands of the remote hackers.
The cyber crooks can then launch phishing attacks on more such people using Victim’s contacts, steal sensitive company info, re-route invoice remittance details, download user info such as social security numbers, sieve email IDS of victims from Office 365 excel files and sell the email IDSs for spam spreading companies.
Avanan said that the phishing attack starts with an email which morphs it self to be from FedEx service. The email content says that a package is waiting to be delivered and in order to know the tracking ID and the package details, the victim must click on the provided link which will be malicious. The URL tail contains .xn Unicode which is a method of encoding Punycode. This code has the ability to smartly fool the office 365 victims as it poses to be a legitimate URL.
When the victim clicks on the page, it emerges to be a fake Office 365 login page and as soon as the user induces the details, the malware trouble creeps into the corporate network.
Security experts at Avanan say that the vulnerability of Office 365 business users to such programs is increasing as more and more companies are migrating to SaaS-based mail programs. In a bid to reduce the IT costs, firms are adopting cloud services minus the basic and necessary cloud security features like adding security layers. And this step is shoving them into more trouble.
Avanan’s security teams have discovered that Office 365 and Gmail have zero ability to block these attacks and so many sales and marketing teams of top companies, development teams and high profile CTOs using the said services are already on the victim list of this malware.
