Hackers are increasingly targeting Microsoft Office 365 accounts. And, unfortunately, once your account is compromised it can be difficult to detect and even more difficult to prevent reinfection. We at ESG have pulled together the following information to help your business understand the risk and respond if you suspect your Office 365 account has been compromised.
Why is Office 365 attacked so often and why are hackers successful?
Office 365 represents a rich target for hackers because once they get your Office 365 login info, they can pretend to be you in e-mail, take over your Skype, send fake messages in SharePoint/Team, and so on. Often the goal of the hackers is to use your account to trick others into sending money or approving a financial transaction. As for why Office 365 attacks are often successful, there are a number of factors:
- Users often re-use passwords from other accounts for their e-mail and thereby allow hackers to guess at their Office 365 login.
- Microsoft was slow and clumsy in implementing multi-factor authentication, and it still does not play nicely with some apps/tools. As a result, many users/businesses do not opt to turn it on.
- Office 365 is, at its core, still Hotmail/Live/Outlook.com so under the surface all those links to consumer-grade tools leave big gaps for malicious apps, ads, plug-ins, and cache-miners.
- The wide array of Office apps and places you login with your credentials (from Outlook to Skype to your cell phone apps for mail) means hackers have a number of places to dig for your login info. A compromised iPhone, for example, can result in a hacker obtaining your Office 365 login if you have your phone checking your e-mail.
How do I prevent my Office 365 account from being compromised?
As with minimizing all security risks, your best approach involves a mix of technology and vigilance. We recommend:
- Only login to your Office 365 tools (e-mail, webmail, Skype, etc) from devices you trust (and that have enterprise-grade anti-virus/anti-malware software running on them, including your mobile devices).
- Enable multi-factor (aka ‘two factor’) authentication such as requiring a text to your phone before new logins are allowed.
- Use multiple layers of security on all your devices including non-Microsoft and non-free anti-virus/anti-malware (ESG recommends Symantec) and additional spam/malware mail filtering (ESG recommends Barracuda).
- Do not re-use passwords for multiple apps/sites. Think about investing in a company password-keeper solution (ESG recommends LastPass).
- Watch for odd behavior including new rules in your Outlook, e-mails going right to Deleted Items, e-mails you did not send appearing in your Sent Items, or people saying you sent them an e-mail when you did not.
If you have any concerns about implementing the protections above, please contact us at ESG to discuss and create an action plan!
Oh no, my Office 365 account might be compromised, what do I do?
Check out our next article “Steps To Take After Your Office 365 Account Is Compromised” for our tips on stopping the damage and securing your account.