It’s crucial to harden your Microsoft 365 account. Businesses who become victim to email account takeovers must deal with compromised credentials, unauthorized wire transfers and expensive remediation.
These compromises are expensive because they often require manual review of several years’ worth of emails. However, they can easily be prevented by turning on multi-factor authentication and training your employees.
How Do Microsoft 365 Account Takeovers Happen?
It’s as easy as 1-2-3!
It all starts with the cybercriminal sending a phishing email. These emails often request you or your employee to use a link to review a document. Next, the link takes the employee to a website that requests his or her credentials. Finally, after you or an employee provide said credentials, the cybercriminal can start to leverage access to the account in many different ways.
How Do Account Takeovers Put Your Business at Risk?
To put it bluntly…
Once a cybercriminal has taken over your account, your business IS at risk. Cybercriminals gaining access to your employee’s inbox means they can search for very specific information that could harm your business. They can also monitor traffic to the compromised inbox. By watching the relationships between parties and observing details of their communications, they can determine the best tactic to steal funds.
If the employee has no responsibility for payments, the cybercriminal will use the inbox as a platform to phish other employees. By gaining access to the organization’s address book, they absorb details about whom to target in your business.
A cybercriminal who uses the account to communicate with other parties, posing as the employee, will usually create forwarding rules to cover their tracks. All the while, the employee remains unaware that communication is taking place.
How To Harden Your Microsoft 365 Account.
To help mitigate the frequency and severity of these attacks, take the following steps: