Phishers have discovered a new way to get around cybersecurity defenses with malicious apps designed for Microsoft 365. Do you know how to protect against this new attack vector?
Cybercriminals are forever on the hunt for new tools and methods to help them breach secure accounts, access sensitive data, and do damage to users like you.
The latest development in cybercrime tactics is the “malicious app”. By tricking their target into clicking a link to download an open authorization app, cybercriminals can circumvent defense layers such as primary authentication, as well as multi-factor authentication.
Make sure you know how this new scam works, so you and your team can defend against it.
This scam is effective because it appears legitimate and routine at virtually every step in the process. It doesn’t rely on fake websites or a downloaded attachment; instead, it gains access to private data by installing an open authorization app (similar to browser extensions that add new features to an existing platform).
Here’s how it works:
It’s really that simple, which is why it’s been so successful. In fact, over the course of 2020, this method had an average success rate of 22%.
There are a few ways to mitigate the risk posed by a scam like this:
If you’re unsure about how to address the threat posed by malicious apps, don’t assume you have to handle it on your own. The Sysoft Computer Consultants team is available to provide expert assistance.
Get in touch with our team to get started.