Microsoft in itsthe near futureThe threat intelligence report reveals that the threat actors are abusingSharePointTheOneDriveandDropboxWaiting for legitimate file hosting services to initiate commercial email intrusion（BEC）Attack.

Research indicates that these networksattackThe fishing activity cleverly utilizes different privacy settings in cloud hosting services. Attackers set up“read-only”The mode file and disabling the download function effectively evade detection by the email security system. They are embedded in the fileURLTherefore, it can be hidden and not easily discovered. This technique not only allows attackers to bypass traditional security solutions, but also provides them with opportunities to steal login credentials and deploy malicious software.

sincetwo thousand and twenty-fouryearfourSince the beginning of the month, such fishing activities have significantly increased, and the attackers' tactics have become increasingly cunning. They lure victims into using one-time passwords by carefully designing restrictions on accessing files（OTP）Perform identity verification. becauseOTPOften seen as an enhanced security measure, victims tend to trust more when faced with such requests, thus relaxing their vigilance. However, once the victim completes authentication, they will be directed to a counterfeit website page where the attacker will try to steal the victim's login information and two factor authentication token. Once this information is obtained, attackers can easily control the victim's account and further expand their attack scope, even engaging in illegal activities such as financial fraud.

SlashNextOn site email security companyChief Security OfficerStephen KowskiThis trend has also been confirmed, as his team has found a significant increase in such complex phishing activities over the past few months.KowskiIt is pointed out that these attacks exploit trusted file sharing platforms, making it particularly difficult to detect and prevent them using traditional methods.

Microsoft's Security TeamThreat IntelligenceanalysisThis type of attack incident indicates that,Its success largely relies on complex social engineering techniques. Attackers cleverly induce victims to make incorrect judgments and operations by exploiting human psychological and behavioral characteristics, thereby easily bypassing the security system that should have played a protective role. Faced with this challenge, Microsoft strongly recommends that companies strengthen their vigilance against such risks. althoughSharePointTheOneDriveandDropboxThe services themselves are legal and secure, but they can also become tools for criminals to attack. Therefore, companies need to take a series of measures to prevent such threats.

Firstly, enterprises should strengthen safety training for their employees,enhanceTheir safety awareness. Secondly, enterprises should deploy advanced security technologies, such as browser based detection technology and artificial intelligence driven phishing detection tools. These technologies are capable of identifying malicious content in real-time, regardless of its source. Finally, enterprises should implement a multi-layered defense strategy to ensure information security. By comprehensively utilizing various security measures and technological means, an effective protective net is formed to resist network threats from all aspects.