FICORA lowers alert level for Office 365 phishing

The alert for Office 365 phishing and user account hacking remains effective but has been lowered from critical to severe. Office 365 users are still being targeted by cybercriminals who phish for credentials in an attempt to hack into accounts. Organisations using Microsoft products should inform their users of the continued phishing threat and make sure they have sufficient technical protection measures in place.

The reduced number and severity of reports submitted to FICORA indicate that the threat is no longer critical. The threat remains, however. We reiterate our alert for Office 365 credential phishing but reduce its severity from critical (colour code red) back to severe (colour code yellow).

All organisations using Microsoft software should continue to be mindful of the threat of phishing and hacking. Software users must be educated to spot the difference between a scam email or website and a genuine user account related email or a web user interface. The administrators of the data systems of organisations must continue to critically assess the adequacy and comprehensiveness of protection measures.

In particular, shortcomings have been observed in intrusion detection and in multi-factor authentication settings. Criminals have been able to bypass multi-factor authentication procedures and monitor message traffic for long periods of time without being detected.

It is also advisable to prepare for the emergence of new credential phishing methods.

Further information

Update history

Key words: Information security , Cyber security , Cybercrime , Data break-in , Email , Hoax , Password , Phishing , Spam , Information security now!

LinkedIn Print


The Finnish Communications Regulatory Authority (FICORA)

The National Cyber Security Centre Finland (NCSC-FI)

P.O. Box 313, FI-00561 HELSINKI

Dynamicum, Erik Palménin aukio 1, 00560 HELSINKI

Media contacts by telephone +358 295 390 248