Welcome to Jocote Technologies (Pty) Ltd. T/A KONDURA TECHNOLOGIES

the computer support company

Port Elizabeth, South Africa

Member Login
Lost your password?

Posts Tagged ‘ mysterious outlook rule ’

SECURITY ALERT: hidden rule sending your mail to scammer

References used: Associated Enterprises / Microsoft Outlook Exploit

“A difficult to detect phishing attack is catching Outlook users off guard, as it uses the built in Rules feature to forward emails to an attackers third party mailbox. In most cases the rules are configured to detect keywords related to finance, such as “Payment”, “Invoice” or “Bank”.

The malicious Outlook rules are created using traditional email phishing methods.  The target will receive and email apparently from an existing contact or organisation known to them. A link in the phishing email takes the user to a fake Office 365 login page and requests the user’s credentials. When they have been entered the log-in fails, but the attackers can the install an Email Forwarding rule in to the target’s Outlook rules.”