Take a Bite Out of Cybercrime

Multifactor Authentication (MFA) Registration Process

Introduction to MFA

Multifactor authentication (MFA) is an account-security measure intended to verify and confirm you are the person actively logging into your account. MFA and basic security defaults should be enabled for everyone. Identity-related attacks like password compromise, replay, and phishing are common in today's environment. More than 99.9% of identity-related attacks are stopped by using MFA and blocking legacy authentication. The goal is to ensure that JA Worldwide establishes a higher level of account security.

MFA RegistrationProcess

Users can register for MFA through multiple methods, as shown below.

  1. Log in to https://aka.ms/mfasetup

  2. Login with your email ID & password

  3. Users can either set up MFA with the Microsoft Authenticator App or a phone number.
    Recommendation: Users should register for MFA multiple ways (such as using both the authenticator app and a phone number) to enable a backup login method if one doesn’t work.

Reviewing Mail Rules and RSS Feeds

General Security Measures

Always make sure that your computer is running antivirus software approved by the IT department, as malware can be used to create malicious mail rules and RSS feeds or run malicious code that can grant remote access or leak data to an attacker.

Ensure you use secure passwords for all accounts. If any of your accounts have suffered a data leak, the IT Department should be notified and you must take further action, such as resetting the account password. Check if your account has been compromised at haveibeenpwned.com.

Finally, make sure you regularly update all your devices and software to ensure you are protected by the latest patches, which will help keep you safe and secure.

Mail Rules

Rules in Outlook allow you to automatically perform an action based on the characteristics of an incoming message. This tool can be used for a wide variety of functions; however, like any feature, it can be misused for malicious purposes. Some examples of malicious uses include . . .

  1. Email filtering and deletion: Malicious users can create rules that automatically filter or delete specific emails, such as those from competitors, whistle-blowers, or regulatory authorities. This can help them conceal important information or evade legal actions.

  2. Email forwarding: Attackers can set up a rule to automatically forward incoming emails, including sensitive or confidential information, to an external email address, potentially exposing sensitive data to unauthorized individuals.

  3. Email redirection: Like forwarding, malicious rules can redirect emails to another mailbox without the sender or recipient's knowledge. This can be used for corporate espionage or data theft.

  4. Phishing and spam: Malicious actors can create rules to mark legitimate emails as spam or move them to the junk folder, making it more likely users will miss important messages while tricking them into thinking malicious emails are legitimate.

  5. Spoofing and impersonation: By creating rules that automatically reply to or forward emails with misleading information, attackers can impersonate trusted individuals or organizations, potentially tricking recipients into taking harmful actions.

  6. Automatic reply attacks: Malicious rules can set up automatic replies with malicious links or attachments to anyone who emails the compromised account, potentially spreading malware or phishing links.

  7. Exfiltration of data: Attackers can use rules to systematically search for and extract sensitive information from incoming emails, which can then be collected and used for malicious purposes, such as extortion or fraud.

To mitigate these risks, every individual should review and audit existing email rules regularly to identify any suspicious or unauthorized configurations. If you find any such suspicious or unauthorized configurations, immediately report them to your IT team for further action and risk mitigation.

RSS Feeds

RSS (Really Simple Syndication) feeds deliver frequently updated content from websites, blogs, news sources, and other online publishers to users in a standardized format. RSS feeds allow users to subscribe to their favorite websites and receive updates automatically, often through a reader application or by email. While RSS feeds are generally a legitimate and convenient way to stay informed, they can be used maliciously in a few ways:

  1. Spreading malicious content: Malicious actors can create fake RSS feeds that appear to deliver legitimate content but contain links to malware, phishing sites, or malicious downloads. Unsuspecting users who subscribe to these feeds may inadvertently expose their systems to security threats.

  2. Phishing attacks: Attackers can use RSS feeds to distribute phishing content. They might set up feeds that appear to provide updates from a trusted source, but the links within the feed direct users to fake login pages or sites designed to steal sensitive information.

  3. Distributing malware: Malicious RSS feeds can contain links to infected files or exploit kits. When users click on these links, they may inadvertently download and execute malware on their devices.

  4. Content manipulation: In some cases, attackers may gain unauthorized access to legitimate RSS feeds and manipulate their content. This can involve injecting false information or inserting malicious links into legitimate feeds, potentially misleading or harming subscribers.

  5. Data harvesting: Malicious RSS feeds can collect user data. When users subscribe to these feeds, attackers can gather information about their preferences, interests, and reading habits for nefarious purposes.

To mitigate these risks, every individual should make sure they are signing up for legitimate and trusted feeds. Be cautious with links within RSS feeds, especially if they are from unknown sources or seem suspicious. Always verify the legitimacy of a source before clicking.

Make sure to regularly review your subscriptions and remove any that you no longer find useful or that come from untrustworthy sources.