Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten

State Office of Criminal Investigation warns of cyberattacks via Office 365

The State Criminal Police Office of North Rhine-Westphalia warns of possible cyberattacks via Outlook and Office 365 document management.

Save to Pocket listen Print view
Microsoft-Schild an dunklem Gebäude

(Image: StockStudio/Shutterstock.com)

2 min. read
Security
By
This article was originally published in German and has been automatically translated.

Based on current investigations, the State Criminal Police Office of North Rhine-Westphalia (LKA NRW) warns of possible cyberattacks via Office 365, specifically on the Outlook email program and document management. The attacks not only endanger the affected companies, but also their customers and communication partners. The aim of the perpetrators is to take over email accounts and then send messages containing dangerous attachments or links in the name of the company. The phishing emails often appear authentic as they contain real conversation histories.

Targeted search for VPN access data

Clicking on the links can lead to attacks on IT systems and, among other things, to data leaks. The cybercriminals specifically look for the email accounts they take over for information from the early days of the coronavirus crisis, when some employees were obliged to work from home –, in particular VPN access data for non-public IT networks. With this information, the perpetrators can gain direct access to the IT infrastructure of companies. They can also access documents in the emails.

"Thanks to the investigations by the State Criminal Police Office of North Rhine-Westphalia, several companies have already been protected from further attacks such as encryption by ransomware and the associated blackmail. Otherwise, such cyberattacks regularly cause damage running into millions," writes the LKA in a press release. Due to the developments, it also emphasizes the importance of comprehensive security concepts and raising employee awareness. The LKA also recommends that affected companies contact employees of the Cybercrime Competence Center at 0211/ 939-4040 or via cybercrime.lka@polizei.nrw.de.

Microsoft recently updated its information on how users can recognize that their email account has been compromised and how they should react. Possible signs of a compromised account include frequent password changes, missing or deleted emails, email forwarding added at short notice, inability to send emails and more.

(mack)

Spiele

Back to top
Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten