PDF Phishing Attacks Using Microsoft OneDrive Surge Nearly 200%

Scammers use a mixture of familiar brand, unsuspecting users, legitimate document types and locations, and credential harvesting in this attack aimed at getting into your Office 365.

If a cybercriminal can get into your Office 365, there’s potentially a lot they can do. They can email malware-laden messages to users both within and outside the company, steal data stored in Office 365, and access applications in the cloud that provide them intel or access to banking details to commit fraud. The list is only limited by the creativity of the cybercriminal.

So, gaining access to Office 365 has become a priority for many cybercriminal organizations. We just wrote about how Microsoft continues to lead the pack as the most-impersonated brand by cybercriminals. Data found in Managed Security Service Provider (MSSP) Nuspire’s Q2 2019 Quarterly Threat Landscape Report demonstrates exactly why it’s so useful for cybercriminals to leverage such brands.

According to the report, the use of PDF phishing attacks rose 193% in just one quarter. What makes this so dangerous for organizations is the tie-in with Office 365. These attacks focus on generic mailboxes, such as a ‘support@’ email address used by more than one user, prompting them to review the linked-to PDF document up on OneDrive. The victim is then asked to provide their Office 365 credentials via a realistic-looking OneDrive login page.

Users within your organization need to work with an elevated sense of security – one that makes alarm bells go off in their head the moment they see anything that has a hint of looking like it’s either out of place or is even slightly suspicious. This sense of security is derived through continual Security Awareness Training – designed to both educate the user on how they play a role in the organization’s security and on methods used by scammers to attempt to trick users into becoming unwitting attack participants.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

Here's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry
