What is a “SharePoint” email scam?
Scammers use phishing emails using Sharepoint that contains some sort of catchy messages or formal emails with documents, messages that seem very urgent with some attachment, or requiring some data to obtain sensitive information such as usernames, passwords, other credentials, and card details.
They normally target companies by disguising their emails as messages from authorized organizations. They often use the company name of the recipient so it looks like a sensible message. The main purpose of a scammer is to trick users to click on the hyperlinks and follow their further instructions or make downloading documents to gain access to the system.
other aspects
Attackers are aware very well that the companies are rapidly adopting personal cloud-based collaboration services such as Microsoft’s SharePoint and OneDrive, so they use this tool to gain access through the user clicking on malicious links for the purpose of transaction-related frauds, supply chain fraud, etc.
These attackers know training people by using the same template or requiring manual customization from the IT security teams is not so useful.
These emails contain malicious links in hardly one to two percent part of the whole emails or messages, but the probability that the user will click those links even after getting aware or training from IT personnel is 13-15 %.
The most vulnerable sectors to this type of phishing attack are Healthcare, scientific services, and Information technology. More than 300 million phishing attacks have already been done during the last 6 months using link-based URLs, attachments, and natural language messages in emails like this. To avoid this type of issue, you have to be aware of such emails and not click any links or do not download any files attached to them.
To eliminate feasible malware infections, scan your computer with legitimate antivirus like “NetProtector AntiVirus”
Install NPAV on your systems to ensure best-in-class security against malware and ransomware attacks. Use NPAV and join us on a mission to secure the cyber world.