Office 365 users: Beware of phishing emails pointing to Office Sway

2020-01-10 10:52

The latest example of this involves Office 365 users being directed to phishing and malicious pages hosted on Office Sway, a web application for content creation that's part of Microsoft Office.

"The Sway page will include trusted brand names. Most commonly, the spoofed brands are Microsoft-affiliated, just like the SharePoint logo shown in the example above," Avanan explained.

If the recipient is logged into an Office account, Sway pages appear wrapped in Office 365 styling with accompanying menus, making the page even more convincing.

"Attackers can turn Microsoft Sway into most any site they like, causing both Outlook and even the most savvy recipients to trust sway.com links," the company pointed out, and noted that because the attackers are using multiple senders and domains, blacklisting them won't work.

"Instead, we've seen many clients blacklist sway.office.com in their web filters. Unless your organization actively uses Sway, you should consider blocking Sway links," they advised.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/6AKmXwlC_y8/

#email #office #office365 #phishing

News URL

Related news