We’ve observed a concerning rise in successful phishing attacks leading to compromised email accounts. Quite simply, the bad guys are getting more and more sophisticated. To protect your organization, it is important that you remain informed and vigilant. Here’s what you need to know: 

1. Two-Factor Authentication Isn’t Foolproof

Traditional two-factor authentication (2FA) is no longer foolproof against sophisticated phishing techniques. Attackers have found ways to gain persistent access by capturing just one 2FA code. Additionally, they excel at creating convincing phishing pages, often mirroring authentic login forms, making it challenging to differentiate. 

2. Stay on “High Alert”

Many of these phishing attempts are infiltrating through emails. Be particularly cautious when dealing with links, especially those disguised as QR codes or seemingly legitimate DocuSign documents from familiar contacts. Attackers often compromise one person’s account and then exploit it to send phishing emails to all contacts, making it crucial to maintain a high level of alertness even when working with emails from trusted senders. 

3. Always Verify URL Authenticity

A critical step in safeguarding your credentials is always checking the URL in the address bar. Legitimate Microsoft login pages should start with “https://login.microsoftonline.com/”. If the URL differs in any way, refrain from entering your credentials. 
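As an added illustration of the check above (example code written for this page, not a tool from Proactive IT or Microsoft), the function below encodes the newsletter's rule as an exact comparison of the URL's scheme and host rather than a loose text match. The lookalike addresses fed to it are constructed for the example; they show the common ways a phishing page can contain the genuine name somewhere in the address bar without actually being `login.microsoftonline.com`.

```python
from urllib.parse import urlsplit

# The only origin the newsletter says a genuine Microsoft sign-in page has.
EXPECTED_SCHEME = "https"
EXPECTED_HOST = "login.microsoftonline.com"


def check_login_url(url: str) -> tuple[bool, str]:
    """Return (is_genuine, reason) for the address shown in the browser bar.

    The URL is parsed rather than prefix-matched, so the verdict depends on
    the real host name, not on whether the genuine name appears somewhere
    in the string (as a subdomain, in the path, or before an '@').
    """
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname      # lowercased; userinfo and port removed
        port = parts.port          # raises ValueError on a malformed port
    except ValueError:
        return False, "address could not be parsed"
    if parts.scheme.lower() != EXPECTED_SCHEME:
        return False, f"scheme is {parts.scheme!r}, not https"
    if host is None:
        return False, "no host name in address"
    if not host.isascii():
        # A non-ASCII letter in the host is a classic homoglyph lookalike.
        return False, "host contains non-ASCII characters"
    if port not in (None, 443):
        return False, f"unexpected port {port}"
    if host != EXPECTED_HOST:
        return False, f"host is {host!r}, not {EXPECTED_HOST!r}"
    return True, "genuine Microsoft sign-in origin"


def is_genuine_microsoft_login(url: str) -> bool:
    """Convenience wrapper: just the verdict."""
    return check_login_url(url)[0]


# Constructed sample addresses (not real phishing sites) with the expected verdict.
CONSTRUCTED_SAMPLES = {
    "https://login.microsoftonline.com/common/oauth2/authorize?client_id=example": True,
    "https://LOGIN.microsoftonline.com/": True,                 # host names are case-insensitive
    "https://login.microsoftonline.com:443/": True,             # explicit default port
    "http://login.microsoftonline.com/": False,                 # no TLS
    "https://login.microsoftonline.com.evil.example/": False,   # genuine name as a subdomain of another host
    "https://login-microsoftonline.com/": False,                # hyphen instead of dot
    "https://evil.example/login.microsoftonline.com/": False,   # genuine name only in the path
    "https://login.microsoftonline.com@evil.example/": False,   # genuine name in the userinfo part
    "https://login.micros\u043eftonline.com/": False,           # Cyrillic 'o' homoglyph
}


def audit(urls) -> dict[str, bool]:
    """Classify each address; handy for checking a list of links from a suspect email."""
    return {u: is_genuine_microsoft_login(u) for u in urls}


if __name__ == "__main__":
    for url, expected in CONSTRUCTED_SAMPLES.items():
        verdict, reason = check_login_url(url)
        flag = "OK " if verdict == expected else "?? "
        print(f"{flag}{'genuine' if verdict else 'REJECT ':8} {url}  ({reason})")
```

The point of parsing instead of eyeballing or prefix-matching is that the host name is the only part of the address that decides where the credentials go; everything after the first `/` and everything before an `@` is under the attacker's control on a lookalike page.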

4. Take Immediate Action if Credentials Are Compromised

If you suspect you’ve entered your credentials on a fraudulent site, contact us immediately. Swift action is crucial, as minimizing the time an attacker has control over your account reduces potential damage. 

How We’re Working to Counter the Threat 

We are actively researching and developing solutions to strike a balance between providing seamless access and fortifying defenses against potential slip-ups. In the meantime, we offer two interim measures to our clients: 

Enhanced Access Controls: Explore Microsoft’s advanced tools available at higher licensing tiers, which provide additional access restriction options and enhanced logging for post-breach investigations. We collaborate with clients to define access policies that minimize the impact of an account compromise. 

New Security Awareness Training Platform: We are excited about our upgraded Security Awareness Training platform, set to replace Webroot this year. We hope that users will find the trainings much more interesting, topical, and informative, thus boosting engagement and effectiveness. 

Phishing threats are evolving, and so are our efforts to protect our clients. Stay vigilant, verify URLs, and take immediate action in case of a security breach. Together, we can strengthen our defense against these ever-adapting cyber threats. 

Steve Kennen, president of Proactive IT and cybersecurity expert

About Ricky Haase

Ricky Haase embarked on his journey with Proactive IT as a Systems Engineer in early 2022, immediately following his graduation from Campbell University with a BS in Information Systems. He possesses a fervent dedication to crafting secure, reliable, and scalable solutions for both our centralized services and our clients’ networks. The positive feedback we consistently receive from clients who collaborate with Ricky serves as a testament to his commitment and proficiency.