Recently, we received some reports of a disturbing form of phishing.
The victim receives an e-mail message with a link to a Microsoft OneNote attachment or to the file transfer service Couchdrop. When you click this link, you are redirected to download a PDF document, which then brings you to a webpage prompting for your login and password.
If you enter these details, you unwittingly give the attacker access to your Microsoft 365 environment. The attacker can then send messages to colleagues from your mailbox and in this way also try to gain access to their accounts.
If you are a victim, you will not necessarily notice this quickly. The attacker sets up your mailbox so that certain suspicious messages are sent directly to your archive, so you won't get suspicious immediately.
Have you received such a message?
- If so, do not click on the link to download the OneNote file.
- Do not enter any data.
- Alert your organisation's IT department.
- Forward the message to email@example.com
Did you click on the link and/or provide details?
- Contact your organisation's IT department immediately. Your IT department can obtain more information if necessary at firstname.lastname@example.org