Skip to main content
Identity Theft Detection & Response (ITDR) In Real Life (IRL)

When we talk to clients about Cyber Security a common response is “It won’t happen to me”.

When we ask how susceptible to phishing emails their staff will be, we get the same response, “It won’t happen to me”.

With over 50% of all cyberattacks being the result of human error, the sad news is “it is probably going to happen to you”.

 

 

Earlier today we had a real life example, read on to find out how this happened.

Our customer uses a third-party payroll service who had fallen victim to a cyberattack.

One of the things the cybercriminals did first was to email all of their customers with a phishing email designed to trick the recipient into entering their user credentials to read the important information sent by the company that pays the end user wages… 
 

The Phishing Email Sent From The Compromised Account

…as it is payday later this week, 7 users at our customer fell for this and entered their Microsoft 365 credentials into this email harvesting phishing site.

This opened our customer's Microsoft 365 identity and credentials to the cybercriminals.

Thankfully, our customer takes cyber security seriously and benefits from our 24x7 Microsoft 365 Identity Theft Detection and Response (ITDR) service.

This 24x7 service, monitored for Pro-Networks from the Huntress Security Operations Centre identified the usual activity and immediately…

•    Revoked all active sessions (kicking the bad guys out),
•    Logged out the compromised identity,
•    Disabled the compromised user from Microsoft 365 preventing the attack from spreading

…this stopped the cybercriminals immediately before they could do any damage within our customer's Microsoft 365 Tenancy.

 

 

 

The incident report log for one of the 7 incidents is shown to the right.

Below this we have four pages from the customer monthly report detailing this incident...

Incident Report Log
Threat Report - Page 1
Threat Report Page 3
Threat Report Page 2
Threat Report Page 4

Our customer, unlike the third-party payroll company has had their security breach immediately dealt with in minutes and doesn’t have the threat of losing data, ransomware or the embarrassment of having to speak with each of their customers following this attack.

Cyber Security is a 24x7 problem and Business Armour by Pro-Networks is a 24x7 solution. 

To find out more about Business Armour please click here.

Blog Category

x

 

To speak to an engineer call

01244 535527

Start a remote support session by clicking the button below.

Remote Support

Login to the Helpdesk by clicking the following button.

Helpdesk Login