News about the first email social engineering attack against Office 365 came alongside Microsoft’s announcement that the anti-spam SmartScreen technology is being deprecated. Stay safe, people!
Everyone’s coming back from vacation and probably needs a little time to get back fully into the swing of things. While you’re easing into the depths of your Inbox, be aware that a new scam that attempts to lure Office 365 users into revealing their account credentials is circulating.
First revealed by MVP Brian Reid of C7 Solutions in the UK, who knows his way around Exchange transport and security, the scam exploits social engineering techniques by sending a message that appears to come from the Office 365 administrators to ask the recipient to sign in to the “Office Portal” (Figure 1). The link in the message brings them to a non-Microsoft site where their credentials are gathered using a log-in screen resembling Outlook Web App (OWA).
Figure 1: Click here for happiness
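A mail-hygiene check for the pattern described above, as an added example that is not code from the original article or from Microsoft: it flags a message that presents itself as Office 365 while its links lead to hosts outside Microsoft's domains. The domain list, the brand terms, the function names and both sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: hosts accepted as Microsoft sign-in/portal domains; extend for your tenant.
MICROSOFT_DOMAINS = {"microsoft.com", "microsoftonline.com", "office.com",
                     "office365.com", "outlook.com"}
# Assumption: wording that marks a message as claiming to be from Office 365.
BRAND_TERMS = ("office 365", "office portal", "outlook web app")

class LinkCollector(HTMLParser):
    """Collect the href of every <a> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def is_microsoft_host(host):
    """Exact or subdomain match, so office.com.example.net does not pass."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in MICROSOFT_DOMAINS)

def suspicious_links(raw_message):
    """Return off-Microsoft link hosts in a message that claims to be Office 365."""
    msg = message_from_string(raw_message)
    display_name, _address = parseaddr(msg.get("From", ""))
    body = "".join(
        part.get_payload(decode=True).decode(part.get_content_charset() or "utf-8", "replace")
        for part in msg.walk() if part.get_content_type() == "text/html")
    claimed = f"{display_name} {msg.get('Subject', '')} {body}".lower()
    if not any(term in claimed for term in BRAND_TERMS):
        return []  # message does not present itself as Office 365
    collector = LinkCollector()
    collector.feed(body)
    hosts = {urlsplit(h).hostname for h in collector.hrefs}
    return sorted(h for h in hosts if h and not is_microsoft_host(h))

# Constructed sample messages (not taken from the reported scam).
_HEAD = ("From: Office 365 Administrator <admin@mail.example.net>\n"
         "Subject: Action required\nContent-Type: text/html; charset=utf-8\n\n")
SAMPLE_PHISH = _HEAD + '<p>Sign in to the <a href="https://portal.example.net/owa/">Office Portal</a></p>\n'
SAMPLE_GENUINE = _HEAD + '<p>Sign in to the <a href="https://portal.office.com/">Office Portal</a></p>\n'

if __name__ == "__main__":
    print(suspicious_links(SAMPLE_PHISH), suspicious_links(SAMPLE_GENUINE))
```
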
This development comes hot on the heels of Microsoft’s announcement that they are deprecating the SmartScreen anti-spam technology. Anti-spam filter updates will cease from November 1, 2016 and leave Outlook clients and Exchange servers looking for a replacement if they are not already protected by other means.
The logic advanced is reasonable in that Office 365 users are protected against spam by Exchange Online Protection (which curiously did not pick up the scam email reported above) and that users of other email systems, including on-premises Exchange, are probably protected by Exchange Online Protection or another email hygiene service.
Microsoft reckons that SmartScreen is obsolete technology and they are probably right. The notion of being able to repel threats through the distribution of updated filters belongs in a gentler age when new threats and attack vectors did not appear as quickly as they do now. SmartScreen, which originally came from the Hotmail service, served a purpose when it was released in 2003. Thirteen years later, attack techniques can morph in minutes and spam filters are rendered obsolete before they ever reach a customer.
All technology reaches the end of its usefulness. I don’t think that many will mourn the passing of SmartScreen, not least because users probably don’t realize what it does. In any case, cloud-based scanning is the way that inbound email streams should be examined and cleansed. It just makes sense.
Follow Tony on Twitter @12Knocksinna.