JAKARTA - Recently, security expert Kaspersky discovered a new way for cybercriminals to send phishing to its targets, such as using a valid SharePoint notification.
Kaspersky said that this tactic with valid notifications could easily trick email spam filters and also trick the alertness of employees who understand technology.
"First of all, the file is unknown and so is the sender. Colleagues or partners usually don't share documents without intro. There are more danger signs: links to OneNote files are notified and PDF files appear on the server out unexpectedly," said Roman Dedenok, Spam Analysis Expert at Kaspersky in a statement received in Jakarta.
Furthermore, Roman said that the download link leads to a third party website, whose web address has no correlation at all with the employee company concerned or the SharePoint server.
"The phishing site imitates the login page for OneDrive, which is another Microsoft service unrelated to SharePoint. To stay safe, it's important to be careful with all suspicious and alert emails against the inconsistency," he explained.
To remain protected from various phishing techniques targeting small, medium and large businesses, Kaspersky recommends implementing the following steps:
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)