The chances of you opening, clicking or downloading a document sent from a colleague or friend are much higher than acting on an email from someone you don’t know. Cybercriminals know this well, which is why they are sending attacks to the friends and colleagues of compromised account owners.
Based on some of the recent threat activity we’re seeing, criminals are regularly using file sharing document emails (such as OneDrive and other popular services) to initiate attacks from hijacked accounts. Here’s what we know about these scams, and some ways your organization can be sure to avoid them:
Baiting the targets
In order for cybercriminals to take over an email account, they first need the credentials. Unfortunately, with today’s cunning phishing methods, this can happen without the victim ever noticing.
