Fake QR Code emails
We are seeing an increase in fake emails about expired passwords, your MFA expiring, and other general security issues.
The link will take you to a hackers website where you will be asked to enter your username, password and MFA codes.
The hacker’s website proxies the information to Microsoft’s genuine servers and captures your “MFA token”
If you fill in the form the hacker has your MFA token along with your username and password.
They are now able to access your email and data.
They will copy all your contacts, they will sit and watch who you email, who you send invoices to, who sends you invoices.
They will plan to intercept real invoices and send your customers or suppliers fake invoices.
The result? Someone may lose a significant amount of money.
How to help prevent?
- Use a 3rd party spam system (https://warringahit.com.au/spam-protection/)
- We increase your security by adding a license that helps us setup restrictions from overseas countries (https://warringahit.com.au/form-overseas-country/)
- Participate in Security Access Training for your staff and and also yourself (https://warringahit.com.au/sat/)