Book an Intro Call
Support Center

Blog

PhishPoint attack looks like SharePoint

Phishing scams disguise malicious links and emails as messages from trusted sources. The most recent scam to watch out for almost perfectly imitates a trusted invitation to collaborate through Microsoft SharePoint. It’s a three-step attack that’s easy to avoid if you know how it works.

Step 1 – Invitation to collaborate email

The first thing victims receive from hackers is a message that looks identical to an email from Microsoft’s file sharing platform SharePoint. It says, “John Doe has sent you a file, to view it click the link below…”

In most cases, the sender will be an unfamiliar name. However, some hackers research your organization to make the email more convincing.

Step 2 – Fake file sharing portal

Clicking the link opens a SharePoint file that looks like another trusted invitation from a Microsoft app, usually OneDrive. This is a big red flag since there’s no reason to send an email containing a link to a page with nothing but another link.

Step 2 allows hackers to evade Outlook’s security scans, which monitor links inside emails for possible phishing scams. But Outlook’s current features cannot scan the text within a file linked in the email. Once you’ve opened the file, SharePoint has almost no way to flag suspicious links.

Step 3 – Fake Office 365 login page

The malicious link in Step 2 leads to an almost perfect replica of an Office 365 login page, managed by whoever sent the email in Step 1. If you enter your username and password on this page, all your Office 365 documents will be compromised.

Microsoft has designed hundreds of cybersecurity features to prevent phishing scams and a solution to this problem is likely on the way. Until then, you can stay safe with these simple rules:

  • Check the sender’s address every time you receive an email. You might not notice the number one in this email at first glance: johndoe@gma1l.com.
  • Confirm with the sender that the links inside the shared document are safe.
  • Open cloud files by typing in the correct address and checking your sharing notifications to avoid fake collaboration invitations.
  • Double check a site’s URL before entering your password. A zero can look very similar to the letter ‘o’ (e.g. 0ffice.com/signin).

Third-party IT solutions exist to prevent these types of scams, but setting them up and keeping them running requires a lot of time and attention. Give us a call today for information about our unlimited support plans for Microsoft products.

Published with permission from TechAdvisory.org. Source.

Share this article:
Recent Posts
Categories
Glenn Harris
Glenn Harris

Head of Sales

Glenn leads our efforts in delivering HealthSafeIT and ProSafeIT to growing businesses looking to expand their operations and achieve success.

Brad Morrow
Brad Morrow

Head of Sales, Alabama

Brad’s focus is on delivering HealthSafeIT and ProSafeIT to our clients, ensuring they can dedicate their efforts to running their business rather than worrying about technology.

Contact Us To Learn More

Would you like to get in touch to learn more about our proven approach to managed IT services?

Fill out the form below and let’s connect.

"*" indicates required fields

Name*
Stay in the loop! Check this box to receive occasional updates and offers via SMS (optional).
This field is for validation purposes and should be left unchanged.

Don’t rely on generic IT services — partner with Stringfellow for services and solutions designed around the IT needs of your business.

Contact us today to learn how we can streamline your processes, guarantee compliance, and keep you operating at peak performance
Let's Talk
©20252023 Stringfellow Technology Group.All Rights Reserved.
Book a Discovery Call
Support Center