Services available through the Microsoft Office 365 suite, including SharePoint and OneDrive, are increasingly popular targets for phishing scams. (Microsoft)

Attackers are exploiting the rapid adoption of cloud-based collaboration services such as Microsoft’s SharePoint Online and OneDrive by leveraging them as a social engineering tool to trick users into clicking on malicious links, often for the purpose of wire fraud or supply chain fraud.

In an analysis this week, cybersecurity firm Proofpoint revealed that in the first half of 2020, it collected approximately 5.9 million email messages featuring malicious SharePoint Online and OneDrive links. While these emails constituted only about one percent of all messages containing malicious URLs, they represented more than 13 percent of all user clicks.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.