Covid-19 inspired hackers target Office 365 SMB users

by Don Sharpe
Don Sharpe
Don Sharpe
Don has been writing professionally for over 10 years now, but his passion for the written word started back in his elementary school days. His work has been... read more
Affiliate Disclosure
  • Hackers are now sending phishing emails to SMBs that expect COVID-19 financial relief from the government.
  • An estimated 5000 Office 365 account owners may have been targeted. 
  • Our dedicated Office 365 section offers more about the cloud-based platform. You can check it out anytime!
  • Visit the Security & Privacy for tips on optimizing your IT or personal data security.
Dropbox hacking attempt

To fix various PC problems, we recommend DriverFix:
This software will keep your drivers up and running, thus keeping you safe from common computer errors and hardware failure. Check all your drivers now in 3 easy steps:

  1. Download DriverFix (verified download file).
  2. Click Start Scan to find all problematic drivers.
  3. Click Update Drivers to get new versions and avoid system malfunctionings.
  • DriverFix has been downloaded by 0 readers this month.

Just the other day, it emerged that hackers set up an Office 365 phishing website to steal users’ Microsoft credentials. They targeted people affected by the COVID-19 crisis.

According to Abnormal Attack, hackers are now sending phishing emails to small businesses that expect financial relief due to the effects of COVID-19. They’re primarily targeting enterprises with Office 365 accounts.

Malicious actors target Office 365 accounts

The attackers are after SMBs that have applied for COVID-19 relief from the government.

In the attack, the target receives an email sent from a Dropbox account, which is a legitimate domain. The message contains a link to a document on a Dropbox download page.

However, clicking on download takes the potential victim to another page with an Office 365 image. But the user has to supply their Microsoft account credentials to access the document.

Since the O365 page is fake, it’s just a means for the attacker to collect the victim’s user name and password.

This attack is attempting to exploit current efforts by the government to provide relief funds for small business owners affected by COVID-19 closures and shelter-in-place orders.

Nearly 5000 email accounts have received the phishing email. One of the reasons why the attackers may succeed is that they’re offering correspondence that the victim expects.

Similarly, the malicious players are impersonating the government as well as using a legitimate launching platform, Dropbox.

Legitimate tech companies are improving their productivity tools in different ways against the backdrop of the COVID-19 pandemic. For example, Microsoft is optimizing its workforce collaboration tool, Teams, to cater to the needs of its over 44 million daily users, including remote workers.

However, not every actor in the tech industry is looking at COVID-19 from that perspective. So, companies and individuals need to not only stay vigilant, but also keep securing their enterprise and personal data.

Have you ever used Dropbox or Office 365? Feel free to share your experience or ask any questions in the comments section below.

idee restoro Still having issues? Fix them with this tool:
  1. Download this PC Repair Tool rated Great on (download starts on this page).
  2. Click Start Scan to find Windows issues that could be causing PC problems.
  3. Click Repair All to fix issues with Patented Technologies (Exclusive Discount for our readers).

Restoro has been downloaded by 0 readers this month.

This article covers:Topics: