
Hackers are able to access Microsoft 365 accounts thanks to fake DHL emails

It has been reported that a new phishing attack is attempting to acquire Microsoft 365 credentials from victims in the education sector by pretending to be the logistics firm DHL.

Over 10,000 phishing emails were sent to the inboxes of people associated with a “private education school,” according to research by cybersecurity firm Armorblox.

The email is designed to seem like it was sent from the shipping firm DHL, complete with the company’s logo and the tone of voice one might expect from the DHL brand. Marked “DHL Shipping Document/Invoice Receipt,” it claims that a client has shipped a package to the wrong address and that the proper delivery address must be supplied.

A file labelled “Shipping Document Invoice Receipt” appears when you open the email; it’s actually a pixelated sample of an Excel spreadsheet.

A Microsoft login screen appears above the obscured document in an attempt to deceive recipients into believing they need to sign in to their Microsoft 365 accounts in order to access the file. Should the victims reveal their login information, it goes to the attackers.

Armorblox said that “the email assault leveraged language as the principal attack vector” to circumvent protections put in place by Microsoft Office 365 and the End User Policy (EOP). Spam, phishing, and malicious links may all be stopped in their tracks by these built-in email defences. However, this specific attack evaded Microsoft’s email security because the malicious phishing form was included in an HTML file and not linked to any malicious websites.

To circumvent Microsoft’s email authentication checks, the researchers claim, the attackers utilised a legitimate domain.
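Because the form sits inside an HTML attachment rather than behind a link, and the sending domain is legitimate, the attachment's own content is what a mail filter can still inspect. The Python below is an added example, not code from Armorblox or Microsoft: it flags HTML attachments that contain a password field. The sample message, sender address, URL and attachment bodies are constructed for the demonstration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from html.parser import HTMLParser

class LoginFormFinder(HTMLParser):
    """Counts password inputs and records form targets in one HTML document."""
    def __init__(self):
        super().__init__()
        self.password_inputs = 0
        self.form_actions = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "input" and (attrs.get("type") or "").lower() == "password":
            self.password_inputs += 1
        elif tag == "form":
            self.form_actions.append(attrs.get("action") or "")

def scan_message(raw: bytes) -> list:
    """Return one finding per HTML attachment that asks for a password."""
    findings = []
    for part in message_from_bytes(raw, policy=policy.default).walk():
        name = part.get_filename() or ""
        is_html = part.get_content_type() == "text/html" or name.lower().endswith((".htm", ".html"))
        if part.is_multipart() or part.get_content_disposition() != "attachment" or not is_html:
            continue
        body = part.get_content()
        if isinstance(body, bytes):  # HTML sent as application/octet-stream
            body = body.decode("utf-8", errors="replace")
        finder = LoginFormFinder()
        finder.feed(body)
        if finder.password_inputs:
            findings.append({"attachment": name, "password_inputs": finder.password_inputs,
                             "form_actions": finder.form_actions})
    return findings

def build_sample(html: str) -> bytes:
    """Constructed test message modelled on the lure described in the article."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["Subject"] = "DHL Shipping Document/Invoice Receipt"
    msg.set_content("Your parcel could not be delivered. See the attached document.")
    msg.add_attachment(html, subtype="html", filename="Shipping Document Invoice Receipt.html")
    return msg.as_bytes()

# Constructed attachment bodies: a sign-in form, and a harmless HTML receipt.
LOGIN_HTML = ('<form action="https://example.invalid/submit"><input type="email" name="user">'
              '<input type="PASSWORD" name="pass"></form>')
BENIGN_HTML = "<html><body><h1>Receipt</h1><p>Thank you.</p></body></html>"
```

A hit is a triage signal rather than a verdict, since legitimate HTML attachments occasionally carry forms; pairing it with sender reputation or quarantine-for-review keeps false positives manageable.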

Organizations can better protect themselves from phishing attacks if they educate their staff on how to recognise red flags in emails, such as a questionable sender address, misspelt words, an urgent request for action (legitimate emails rarely require a quick response), and unexpected links or attachments.