Phishing Scam Targets Microsoft Office 365
Clever Criminals Create Malicious Microsoft App
Phishers have recently targeted Microsoft Office 365 users with specialized links that take users to their email login page. After a user logs in, they are prompted to install an app that looks like a normal Office app, but it is a fake app that gives the attacker password-free access to the user’s emails and files.
After logging in, the user might see a prompt that looks something like this:

Looks legitimate, right?
Once installed, the app will remain in a user's Office account until it is manually removed, even if they reset their password.
Of the people who were faced with these cyber attacks, over 20 percent of them were successfully compromised.
Understand the Importance of Cyber Liability Insurance
These malicious attacks are the fastest growing risk exposures for companies. It has become more important than ever for all businesses to carry Cyber Liability Insurance. The above video was put together to teach retail insurance brokers how to best communicate the important of Cyber Liability to their business clients. Take the time to gain an understanding of what cyber is and how breaches occur. We go over the anatomy of a cyber claim and how to successfully sell this coverage to the client.
Reach out to our team to get a Cyber quote today: programs@cidinsurance.com.
More on the Microsoft Attacks
Microsoft has worked to limit the amount of these malicious Office apps by creating a verification system for people publishing new apps on their platform. Unfortunately, the crafty hackers found a work around. They compromise accounts that have already been verified as credible publishers. Then, they use these accounts to create the app and spread the malware from within them. One main goal of these criminals was to "spoof" an email from someone in an authority position at an organization and request payment using a fictitious invoice. Once they have this spoofed email, there are a number of other uses they have come up with to scam companies or continue spreading their malware.
This isn't the first time a major company has had cyber issues that impacted thousands of businesses, and it definitely won't be the last. Talk to your clients about Cyber Liability. Find applications for quotes on our website here. You can also try our phone quoting option to get a quote in less than 5 minutes by calling (877) 969-7539.
