Office 365 accounts are coming under increasing threat from hackers, new research has found.
A report from Barracuda found that 29 per cent of organisations had their Office 365 accounts compromised in March 2019 alone - what it calls a ‘startling rise’ in attacks.
More than 1.5 million malicious emails were sent from these hacked accounts in the 31 days of March.
According to Barracuda, there are a ‘variety of methods’ hackers are using to get their hands on people’s and business’ accounts. Most common methods include testing for old passwords, as well as those stolen from different services, given that many people use the same password across a multitude of services.
Then there is the brute-force attack, in which hackers simply try to guess a password. Last, but not least, attacks also come via web and business applications, including SMS.
Most of the suspicious logins originate from China (23 per cent), followed by Brazil (nine per cent), Russia (seven per cent) and the Netherlands (five per cent).
Once they steal the credentials and get inside, hackers don’t mount an attack straight away. Instead, they lurk for a while, learning as much as they can about the company and its network.
Finally, once they have enough information, they will use the email to mount phishing attacks against high-value targets. They also make sure nobody tracks the emails they send, by setting up rules to delete traces of any activity as soon as possible.
Image Credit: Evannovostro / Shutterstock