A New Level of Sophistication in Social Engineering Attacks
At Cosmic, we recently encountered a social engineering attack that was more sophisticated than any we've seen before. The attackers managed to gain access to a client's Microsoft 365 account and uploads a malicious PDF to the victims OneDrive. These files can appear legitimate, leading to a genuine share request being sent to our staff. This new method underscores the evolving tactics of cybercriminals and highlights the importance of vigilance and robust security measures.
The Attack Unfolds
The attackers gained access to a user's Microsoft 365 account, uploaded a malicious PDF, and then sent a legitimate share request via OneDrive. The PDF contained a link to download malicious code. Fortunately, one of our vigilant team members questioned the unexpected file share, recognising it as a potential threat. This quick thinking allowed us to take immediate action, preventing further attacks and securing all affected devices.
“Recent attacks highlight the importance of taking security seriously for every organisation. It's crucial to implement technical measures wherever possible to protect organisations, their employees, and customers. However, we must also ensure that everyone is trained and confident in dealing with these threats. Social engineering, essentially "hacking humans," is the most successful form of cyber-attack and will continue to be so. We are all human and therefore vulnerable, even those of us who like to think we know it all.” - Jonathan Allard, Security Engineer
Expert Insights: How to Protect Yourself
Jon Allard, our Cyber Specialist at Cosmic, offers some key takeaways from this incident:
- Question Unexpected Files: Always question any files you receive that you weren't expecting. It's okay to verify with the sender whether they meant to share a file with you.
- Utilise Security Features: For organisations using Microsoft Defender for Business, there's a built-in security feature that can help prevent the download of malicious code. This is especially useful for charities using donated licenses.
- Stay Informed and Vigilant: Cyber threats are constantly evolving. Staying informed about new attack vectors and maintaining a high level of vigilance can help mitigate the risk of falling victim to such attacks.
By questioning unexpected files and leveraging the security features available in tools like Microsoft Defender XDR and Microsoft Defender for Business, organisations can enhance their defence against these sophisticated threats. At Cosmic, we remain committed to protecting our clients and staying one step ahead of cybercriminals.
"Over the past few years, we've witnessed a dramatic rise in cyber-attacks targeting organisations across various sectors. This surge underscores the critical need for robust cybersecurity measures. It's not just about implementing advanced technology; it's also about fostering a culture of vigilance and continuous education among employees. In an environment where threats are constantly evolving, proactive risk management and resilience planning have become indispensable for safeguarding our assets and ensuring business continuity." - Paul Turner, IT Service Delivery Manager
To stay up to date with the latest cyber information and news, follow our newsletter and social profiles where we share updates as they arise.
For a deeper discussion about IT management and cyber security, book a call with our tech team today. We're here to help you stay secure and informed, Speak to us.