During the COVID-19 pandemic, millions of organizations have changed how they operate, with remote work now the norm. For many, this has meant a rapid transition to the cloud ahead of planned digitization. In response, threat actors are taking advantage of new cloud enterprise by targeting Microsoft and Google email services.
By using phishing attacks, hackers are finding success targeting companies and workers who are new to cloud environments. Proofpoint research finds 7 million malicious emails were sent to Microsoft 365 users from January to March 2021.
That's worrying, but nothing compared to Gmail. Researchers say Google's email client was targeted 45 million times during the first quarter.
“The malicious message volume from these trusted cloud services exceeded that of any botnet in 2020, and the trusted reputation of these domains, including outlook.com and sharepoint.com, increases the difficulty of detection for defenders,” this week's report says. “This authenticity perception is essential, as email recently regained its status as the top vector for ransomware; and, threat actors increasingly leverage the supply chain and partner ecosystem to compromise accounts, steal credentials and siphon funds.”
Threat actors know that breaching a single account could lead to system-wide access as organizations enter cloud for the first time. Proofpoint says 95 percent of all organizations targeted were chosen to be able to get full account access. Over 50 percent of those attacks were successful.
Armed with account credentials, hackers can move across services associated with an account. Furthermore, they can spread malicious emails from the legitimate account to other users in an organization.
“Our research clearly demonstrates that attackers are using both Microsoft and Google infrastructure to disseminate malicious messages and target people, as they leverage popular cloud-collaboration tools,” The Proofpoint report continues. “When coupled with heightened ransomware, supply chain, and cloud account compromise, advanced people-centric email protection must remain a top priority for security leaders.”
Tip of the day: When using your Windows 10 laptop or convertible with a mobile hotspot you might want to limit the Internet bandwidth your PC uses. In our tutorial we are showing you how to set up a metered connection in Windows 10 and how to turn it off again, if needed.