Some Office 365 accounts have recently come under attack. Hackers are targeting admin and system accounts with a phishing tactic dubbed KnockKnock.
According to SkyHigh, the attackers are keeping a low profile and attacking a small amount of accounts. However, the hackers are cleverly targeting service accounts, automation accounts, and machine accounts. SkyHigh notes these types of accounts often have higher access and lax password policies. After the hackers gain access, they exfiltrate data in the inbox and use phishing attacks to spread the infection through networks.
SkyHigh recommends using SSO and multi-factor authentication to reduce the likelihood of falling victim to an attack like this. To learn some more best practices to protect your Office 365 data from vulnerabilities like this, check out our eBook: Ransomware and Office 365 for Businesses. This eBook offers tips to fend off ransomware and keep your data secure and accessible.