Office365 and Dropbox are commonly used by businesses across the world. We want to alert users of a Business Email Compromise attack that we are seeing persist increasingly. This specific attack is designed to steal credentials of users by posing as a downloadable file that leads to entering Microsoft credentials.
In this case, an email arrives with a link to access a file from a seemingly credible email address. However, instead of opening a file, a click takes the recipient to another page which includes another link to download the file. Next, the site prompts the user to enter their Microsoft login credentials. The spot to enter your credentials box is actually a carefully disguised attempt to gain access to your login credentials. Entering your information allows the bad actor to capture passwords and scour your accounts for data and sensitive information.
See below for a real-life example of an attack attempt described above:
So what can you do?
It is important for companies to educate their users to remember to never engage with emails from unverifiable sources. If you weren’t expecting to receive an email of this nature from a sender you have communicated with about the email, reach out to that sender and confirm that they sent it prior to doing anything with or inside of the message. Additionally, forward any suspicious looking email to your IT partner immediately for review and verification.