Skip to main content

Hackers target business Office 365 accounts

(Image credit: Image Credit: Evannovostro / Shutterstock)

Office 365 accounts are coming under increasing threat from hackers, new research has found.

A report from Barracuda found that 29 per cent of organisations had their Office 365 accounts compromised in March 2019 alone  - what it calls a ‘startling rise’ in attacks.

More than 1.5 million malicious emails were sent from these hacked accounts in the 31 days of March.

According to Barracuda, there are a ‘variety of methods’ hackers are using to get their hands on people’s and business’ accounts.  Most common methods include testing for old passwords, as well as those stolen from different services, given that many people use the same password across a multitude of services.  

Then there is the brute-force attack, in which hackers simply try to guess a password. Last, but not least, attacks also come via web and business applications, including SMS.

Most of the suspicious logins originate from China (23 per cent), followed by Brazil (nine per cent), Russia (seven per cent) and the Netherlands (five per cent).

Once they steal the credentials and get inside, hackers don’t mount an attack straight away. Instead, they lurk for a while, learning as much as they can about the company and its network.  

Finally, once they have enough information, they will use the email to mount phishing attacks against high-value targets. They also make sure nobody tracks the emails they send, by setting up rules to delete traces of any activity as soon as possible.

Image Credit: Evannovostro / Shutterstock

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.