We’re sharing this cautionary alert so that you are aware of what Microsoft is calling "crafty" phishing emails with spoofed sender addresses.

It’s an active campaign targeting Office 365 organizations with convincing emails and multiple techniques that can bypass phishing detection, leaving it up to the users’ discretion as to whether to click or not.

These emails can include a compromised SharePoint site that urges victims to type in their credentials.

The original sender addresses contain variations of the word "referral" and appear to come from legitimate sources, using various top-level domains including the domain com[.]com. The convincing Microsoft logos add even more “legitimacy”, increasing the open rate.

To make them more enticing to open, they are likely to include phrases such as "file share" requests for "Staff Reports", "Bonuses", "Pricebooks", and other content, with a link that navigates to the phishing page.
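For mail administrators, the indicators above can be turned into a quick triage check over raw messages. This is an added example, not code from Microsoft or KnowBe4; the regex for "variations of referral", the function names, and the sample messages (including the `news.com.com` subdomain) are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed reading of "variations of the word referral" (referal, refferal, ...).
REFERRAL_RE = re.compile(r"ref+er+al", re.IGNORECASE)
LURE_TERMS = ("file share", "staff reports", "bonuses", "pricebooks")
SUSPECT_DOMAIN = "com.com"  # written com[.]com in the alert

def _text_of(msg) -> str:
    """Concatenate the subject and every text/* part, lower-cased."""
    chunks = [msg.get("Subject", "")]
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            payload = part.get_payload(decode=True) or b""
            charset = part.get_content_charset() or "utf-8"
            chunks.append(payload.decode(charset, "replace"))
    return "\n".join(chunks).lower()

def triage(raw_message: str) -> list[str]:
    """Return the alert indicators that a raw RFC 5322 message matches."""
    msg = message_from_string(raw_message)
    reasons = []
    # Check the visible sender and the envelope sender recorded at delivery.
    for header in ("From", "Return-Path"):
        addr = parseaddr(msg.get(header, ""))[1].lower()
        local, _, domain = addr.rpartition("@")
        if REFERRAL_RE.search(local):
            reasons.append(f"{header}: 'referral' variant in local part")
        # Match com.com and its subdomains, but not look-alikes like welcom.com.
        if domain == SUSPECT_DOMAIN or domain.endswith("." + SUSPECT_DOMAIN):
            reasons.append(f"{header}: domain under {SUSPECT_DOMAIN}")
    text = _text_of(msg)
    reasons += [f"lure phrase: {t}" for t in LURE_TERMS if t in text]
    return reasons

# Constructed sample messages, not taken from the campaign.
SUSPICIOUS = ('From: "SharePoint" <referral@com.com>\n'
              "Return-Path: <refferal@news.com.com>\n"
              "Subject: File share request: Staff Reports\n"
              "Content-Type: text/plain; charset=utf-8\n\n"
              "A file share for Q3 Bonuses is waiting for your review.\n")
BENIGN = ("From: Bob <bob@welcom.com>\nSubject: Lunch\n\nSee you at noon.\n")

if __name__ == "__main__":
    for name, raw in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(name, triage(raw))
```

A match is a reason to quarantine for review, not proof of phishing; legitimate mail can mention bonuses or file shares.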

This extremely technical phishing tactic further stresses the importance of continuous education and testing of employees.

Thanks to KnowBe4 for keeping us abreast of the situation. You can check out their full article here: https://blog.knowbe4.com/heads-up-microsoft-warns-of-sneaky-phishing-campaign?utm_medium=email&_hsmi=146136103&_hsenc=p2ANqtz-_iWjxIqiVIe7Pyla5YCwTePz-icrrhLWZeLFb9zE5aGkMZqCy09RjO3Ky3x43BLFtajGgRE-aZ-iocTO5XzJo1TPCY0Q&utm_content=146136103&utm_source=hs_email 

If you’d like to learn more about Ceeva’s Cybersecurity Awareness Training offering, drop us a line at info@ceeva.com.