sb-au logo
Story image

Cyber crims targeting Aussie companies with Microsoft OneDrive accounts

Cyber-criminals are using compromised Microsoft 365 ‘OneDrive for Business’ accounts to spread malware throughout Australian companies.

That’s according to global research conducted by Forcepoint - a cyber-security firm powered.

Forcepoint research found cybercriminals predominately targeted Australia using this method with 55% of emails sent to recipients in Australia.

With the use of cloud storage growing exponentially, Forcepoint advises that businesses need to be more aware of the associated risk and how they can protect themselves.

One Drive for Business is a paid Microsoft service for businesses where employees can store and share files. Each registered employee has a personal URL called "MySite" where work-related files can be uploaded and shared, even to external parties.

According to Forcepoint, these employee MySite accounts are being compromised and used to upload malware.

Based on Forcepoin’s research , the top 7 email subjects containing malicious OneDrive for Business links for the past 90 days include:

  • Please Docusign these documents 
  • Request for ASIC correspondence reprint
  • Thomas shared “Agreement AHAlife 11-2016” with you
  • Melissa shared “Scan001.zip” with you
  • New playslip available for pay period ending 8/11/2016

Since it is a known service for businesses, malicious download links hosted by such platform adds a layer of "trust" to prospective victims when downloading an unknown file.

Businesses that utilise third-party business solutions such as OneDrive for Business are advised to put additional focus on the security of the related user accounts to prevent such risks.

Forcepoint also points out that users should be vigilant when downloading files from OneDrive for Business (Sharepoint) links coming from an unsolicited email.

Story image
Rise in cyberattacks targeting the cloud as use of collaboration tools increase
“While we are seeing a tremendous amount of courage and global goodwill to overcome the COVID-19 pandemic, we also are unfortunately seeing an increase in bad actors looking to exploit the sudden uptick in cloud adoption."More
Download image
The juggling act: Managing dynamic workforces and the risk that goes with them
Mitigate and continuously manage dynamic workforce risks, and continuously improve and maintain the maturity of your dynamic workforce risk program.More
Story image
Cybercriminals seeking greater anonymity online, Trend Micro states
Cybercriminals have switched to ecommerce platforms and communication using Discord for greater anonymity, according to new research from Trend Micro. More
Story image
Cisco buys ThousandEyes, strengthening network portfolio
Cisco is eyeing up network intelligence company ThousandEyes for its latest acquisition, building on Cisco’s cloud-based network and application performance portfolio.More
Story image
AU regtech industry rallies for govt support to kickstart economy
“We can supply technology that creates a low-overhead, low-cost, cyber-secure regulatory environment that assists our major financial sector players meet integrity tests quickly," says ProvenDB CTO.More
Story image
Thycotic launches DevOps Secrets Vault solution for greater cloud security
“DevOps Secrets Vault is a cloud-based vault that balances the security and velocity that DevOps teams require for this growing part of the enterprise attack surface."More