Close

Malicious Apps Are Putting Microsoft 365 Users At Risk

Phishers have discovered a new way to get around cybersecurity defenses with malicious apps designed for Microsoft 365. Do you know how to protect against this new attack vector?

Cybercriminals are forever on the hunt for new tools and methods to help them breach secure accounts, access sensitive data, and do damage to users like you.

The latest development in cybercrime tactics is the “malicious app”. By tricking their target into clicking a link to download an open authorization app, cybercriminals can circumvent defense layers such as primary authentication, as well as multi-factor authentication.

Make sure you know how this new scam works, so you and your team can defend against it.

How Do These Malicious Microsoft 365 Apps Work?

This scam is effective because it appears legitimate and routine at virtually every step in the process. It doesn’t rely on fake websites or a downloaded attachment; instead, it gains access to private data by installing an open authorization app (similar to browser extensions that add new features to an existing platform).

Here’s how it works:

  1. Phishers email a specialized link to their target.
  2. The target clicks the link, and they’re brought to their organization’s own Microsoft 365 login page (as opposed to a malicious website, as with most conventional phishing scams).
  3. The target logs in.
  4. The link prompts them to install a seemingly safe app, which will give the attacker ongoing, password-free access to the target’s emails and files.

It’s really that simple, which is why it’s been so successful. In fact, over the course of 2020, this method had an average success rate of 22%.

How Can You Defend Against Malicious Apps?

There are a few ways to mitigate the risk posed by a scam like this:

  • Only Trust “Verified Publishers”: For the most part, Microsoft’s verified publishers will be safe to use.
  • Set A Policy For Who Can Create An Application: Your admins can prevent non-admin users from installing applications, which will limit the risk of cybercriminals accessing non-admin accounts and breaching the tenant environment.
  • Reduce Your Risks:
    • Do not allow your users to download any application without direct approval.
    • Those in charge of approving apps need to review the permissions and source in detail.
    • Review and revoke unused applications on an ongoing basis.

Not Sure If Your Security Policies Are Up To Date?

If you’re unsure about how to address the threat posed by malicious apps, don’t assume you have to handle it on your own. The Sysoft Computer Consultants team is available to provide expert assistance.

Get in touch with our team to get started.

30 Years

Latest Blog Posts

5 Ways Hackers Break Into Your Business IT Network
5 Ways Hackers Break Into Your Business IT Network

5 Ways Hackers Break Into Your Business IT Network: Protecting Your Company’s Digital [...]

Read More
Five Ways Small Businesses Can Stop A Cyber Breach From Ever Happening
Five Ways Small Businesses Can Stop A Cyber Breach From Ever Happening

Five Ways Small Businesses Can Stop A Cyber Breach From Ever Happening: Essential [...]

Read More
October Is Cyber Security Awareness Month
October Is Cyber Security Awareness Month

October Is Cyber Security Awareness Month: Assessing Your Organization’s Readiness [...]

Read More
Read The Sysoft Consulting Blog