Hackers keep exploiting Microsoft’s mistakes and usurping over 4000 email accounts16/05/2019
Within a month only, 1.5millions malicious emails and spam were sent from Office 365 accounts which were collected by hackers through the Account Takeover (ATO) attacks.
A report has been published by Barracuda Network on 2/5/2019 said that “There was an alarming increase in the number of taken over Office 365 accounts, which leads this problem become One of the fastest and most unpredictable email security threats since the beginning of 2019 to date. Moreover, an analysis recently conducted with the ATO attack which attacks Barracuda Network customers shows that up to 29% of businesses possessed an Office 365 account were hacked by hackers since March 2019.”
According to that, Barracuda also revealed that “Within a month only (since March 2019), there were over 1,5millions toxic emails and spam emails were sent by Office 365 account which were stolen before.” In addition, the researchers also explained that ATO attacks basically had used a variety of attack forms, hackers had even made use of login account information stolen from previous data violations as well as some attacks to business applications and websites.
In the content of the blog of security experts of Asaf Cidon, the vice president of the content security service of Barracuda Network has expressed in detail about the attack way with the following content: “First of all, hackers will impersonate the trusted brand emails, use social tricks, cheating methods to attack the targets. Then, hackers proceeded to follow how the individuals and organizations work and collect more email signature information that used in the financial trading at the same time…. After that, an attack with a higher probability of success has started, consists of collecting more login information on other accounts.
In general, cybercrimes make it started by inrushing, such as using an email of a trusted brand and use some tricks to cheat the users to leak their login information. Hardly ever did the hackers attack immediately when they got that source of information, they usually stealthily follow those emails and activities of the organizations. This helps them maximize the change and the ability of success when the attack proceeded.
The security researchers in Barracuda have found that hackers have set up some toxic rules to hide 34% of their activities among 4000 illegally stolen Office accounts. As mentioned, after inrushing successfully, hackers plan to probe the victims, set up some special features which can delete or hide emails but the user will not be aware of.
Office 365 accounts have been usurped
Through the “stealthy working process”, the crime also begin to sort and target to the accounts whose the values are higher (for example The board of director, account office, financial office...) by using account collected before to log in.
Besides using social tricks or impersonating brands, the scammers also use some technique like fake the domain name or fake the accounts. Those fake domain names make the attack seem more professional and have difficulties in detecting by eyes.
“Hackers earn money by using stolen accounts as well, consisting of identity theft, guiling and other illegal activities. Moreover, stolen accounts also be used to boot other attacks which attack to partners or customers of the “victims” “- said Mr. Asaf Cidon. These kinds of attack maybe cause big financial damage. They even can change the payment information, lead the trading direction to the account they control.
Avoiding ATO attacks by artificial intelligence
Protect emails by Artificial Intelligence
Security experts recommend that the enterprises should pay attention to human aspect in the avoiding ATO attack process. When an abnormal sign is detected with the login account, the user should change the password and perform basic security measures.
In addition, email security solution Receive GUARD stands out with the application of artificial intelligence in the security process, which helps to prevent effective email attacks. The same machine learning model is used to analyze unusual points in the email exchange process, minimize impersonation, phishing attacks and prevent potential emails.
Check security holes for your business email right here!
Vnetwork Joint Stock Company
+84 28 7306 8789
Need more information?