Data security in Office 365 depends on employee attention (Remote Working)

Update
0

Once you work from home (working remotely) has become indispensable for many companies, banks si institutions, the strategy of cyber attackers has also changed.
Microsoft warns that more and more have appeared malicious applications concerning the accounts Office 365, and the method of OAuth token security is canceled if the user accept the access of such applications to the account Office 365.
It is a phishing method "Fashionable" in this period, which is based on inattention and ignorance of users.
An e-mail is sent contains a link to an "interesting" application, which at first glance does not arouse suspicion. Moreover, it can come as an installation recommendation from the company or bank where the user is employed.
But if the user falls into the trap and gives the application access to Microsoft Office 365, in the future that application will no longer be blocked by OAuth. They can hide behind applications API through which numerous queries can be made to the account Office 365. Account from which attackers can obtain confidential information and extract sensitive data using the application, without the user noticing this.

Everything works on the same system through which in the past the applications from Google Play for the "flashlight" requested access including the contact list. Once the user's permission was received, the application could transport confidential data to third-party malicious sources in the background.
Facebook has also faced such problems in the past, when third-party applications had access to more data than they needed, data that turned out to be sold to various communications agencies.

Regarding the users of Microsoft Office 365 who works from home these days, it is good to know that any mail received inviting you to install an application for Office 364, must be checked in advance by an IT department. Only after this department gives its approval, the application can gain access to your account Office 365.

The best protection against phishing is always user caution. Links and applications received by e-mail and opened or installed without verification can cause large data loss and compromise careers.

Passionate about technology, I enjoy writing on StealthSettings.com since 2006. I have a rich experience in operating systems: macOS, Windows, and Linux, as well as in programming languages and blogging platforms (WordPress) and for online stores (WooCommerce, Magento, PrestaShop).

Tutorials written by me.
AntiVirus & Security Internet Microsoft Office Noteworthy Tutorials and IT News
Microsoft Microsoft Office 365 Office 365 Phishing Phishing Scam remote working
How to » AntiVirus & Security » Data security in Office 365 depends on employee attention (Remote Working)

How to replace FirewallD with iptables on CentOS 7

How do we stop the automatic playback of videos in Microsoft Edge Browser (Stop video autoplay in Edge)

Leave a Comment

Stealth Settings

Windows

Windows 11

Windows 10

Windows 8 / 8.1

Windows 7

Windows Vista

Windows XP

Task Manager

how To

Microsoft 365 /Office

Microsoft 365 /Office

Excel

Word

PowerPoint

Outlook

Office 365 Productivity

Linux & Web Software

Nginx

Apache HTTP Server

PHP

SQL/MySQL

CentOS

Ubuntu

Web Hosting

WordPress & WooCommerce

Security & Antivirus

Awareness

Antivirus & Security

Malware

spyware

© 2024 Stealth Settings. IT tutorials and news.

Privacy policy | About Cookies | Contact | About us