STOP: Don’t Click Here!

Our message today is a simple one: Don’t Click Here! If you get an email that has any link to click, STOP: Don’t Click Here!

As more law firms move over to Microsoft Office 365, they need to be aware of hacking schemes that come via email and are slipping through standard email security and filtering services. These emails have addresses that look much like they are coming from Microsoft, Microsoft Support, Office 365 or Outlook, but if you look closely, you will find they are fake. They may have Microsoft logos in them or mention that someone is trying to share a document with you via OneDrive.

STOP: Don’t Click Here!

By now, you are well aware that you should never click on a link in an email from someone you don’t know. But what about those like the ones we describe above that seem like they’re coming from a legitimate source? How do you know?

STOP: Don’t Click Here! Check a few things first!

Most email applications will allow you to direct your cursor to hover over the sender’s name or email address first, before you click anything. When you hover over it, a larger box will pop up with the purported email address of the sender. Don’t trust it! More often than not, it will not be the actual sender. The actual sender is hidden deep in the email message header, making it difficult for the ordinary user to verify.

Obviously fake. It came from Denmark, not Microsoft.

hacker email image

Obviously fake. It came from Japan, not Office 365.

hacker email image

Microsoft would never send a link for password confirmation.

hacker email image

Hovering works well, however, for links in your email. If you hover your mouse over them, you will be able to see the full path in the link.

I am a member of the Palm City Chamber of Commerce. Maybe this is important.

hacker email image

Why is the Chamber of Commerce using a school website? They are not!

hacker email image

You must pay attention to everything between http:// or https:// and the next /. If it does not end in .com, STOP: Don’t click here! If it does end in .com, then look at the word immediately before .com, in this case estherobertschools, ignoring anything in front of any dot (.) that precedes that word. This is where you will go if you click. Here you would go to estherobertschools.com owned by Okechukwu Jonnwakalo out of Nigeria.

This could be legit. It is from microdesk.com and not some foreign country.

Maybe it’s from someone I know.

hacker email image

Even more impressive, it is from sharepoint.com.

Microsoft uses SharePoint to operate OneDrive and owns the Internet domain sharepoint.com.

hacker email image

Clicking the link above will redirect you to a legitimate Microsoft online login. This will generate what is called an OAuth token, which will be passed back to the hacker, giving them access to your Office 365 account. Not Good! STOP: Don’t Click Here! They used a legitimate cloud system to make it appear real.
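Added example (not part of the original article): the checks described above, run in Python against a constructed message. It reads the sender from the message headers rather than the hover box and compares where each link really goes with what its text claims. The message, the domains, the `trusted` list and the function names are assumptions made for illustration; note that the SharePoint link passes the host check, which is why a trusted domain alone does not prove a link is safe.

```python
import email
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message on reserved example domains, not a real phishing email.
RAW = """\
Return-Path: <bounce@mailer.example.net>
From: "Microsoft Support" <support@account-notice.example>
Content-Type: text/html; charset=utf-8

<a href="http://login.example.org/onedrive/view">https://onedrive.live.com/view</a>
<a href="https://tenant.sharepoint.com/sites/docs/shared">Open in SharePoint</a>
"""

class LinkCollector(HTMLParser):  # gathers (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def base_domain(host):
    # Assumption: last two labels only; real tooling needs the Public Suffix List.
    return ".".join((host or "").lower().rstrip(".").split(".")[-2:])

def inspect_message(raw, trusted=("microsoft.com", "sharepoint.com", "live.com")):
    msg = email.message_from_string(raw, policy=policy.default)
    sender = msg["From"].addresses[0]
    return_path = parseaddr(msg["Return-Path"])[1].rpartition("@")[2]
    report = {"display_name": sender.display_name, "from_domain": base_domain(sender.domain),
              "return_path_domain": base_domain(return_path), "links": []}
    collector = LinkCollector()
    collector.feed(msg.get_body(preferencelist=("html",)).get_content())
    for href, text in collector.links:
        dest = base_domain(urlsplit(href).hostname)  # hostname drops port and user@ prefix
        shown = base_domain(urlsplit(text).hostname) if text.startswith("http") else None
        report["links"].append({"goes_to": dest, "text_claims": shown,
                                "mismatch": shown not in (None, dest), "trusted_host": dest in trusted})
    return report
```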

Bottom Line. STOP: Don’t Click Here! Be extremely sure someone you know intended to send you a link.

The risks to law firms
Law firms collect and store thousands of pieces of personal and professional information about clients, including financial information, bank accounts, social security numbers and so much more. Even the smallest law firms have become marks for hackers who see these companies as easy targets for their schemes.

A law firm’s best defense against hackers is to make sure every person in the firm understands the risk and is well-trained on current hacking techniques. Investing in quality email security software and buying cyber insurance are also recommended to protect against exposure to cyber criminals.