PhishPoint: A Microsoft SharePoint phishing attack

Why do cyber criminals use phishing as their go-to method of hacking? Because it works.

Making its way into the news is a phishing attack being called “PhishPoint.” This attack targets Office 365 end user credentials. While Secant’s SiteCARE 360° and Email Defender clients are protected, other Office 365 users may be at risk.


Office 365 Login ScreenPhishPoint allows cyber criminals to exploit Microsoft’s email link-scanning. Link-scanning reviews the links in an email’s body but it ignores files hosted on other Office 365 services. Hackers then use SharePoint files to host phishing links. This means they can bypass Office 365 email security measures.

During an attack, the Office 365 user receives an email containing a link to a SharePoint document. The message looks identical to a typical SharePoint collaboration invitation. The email’s hyperlink opens a SharePoint file that mirrors a standard access request to a OneDrive file. This file contains an Access Document link that takes the user to a spoofed Office 365 login screen. If the user attempts to log in, the cyber criminals have his or her credentials.

Phishing Safety

Phishing is the top cause of data breaches worldwide. We offer a few tips to help protect you and your organization from phishing attacks.

  1. Hover over a link before you click
  2. Consider the legitimacy of the content you’re clicking on
  3. Beware of error-ridden communication

Keeping these three tips in mind should help you combat 90% of the phishing out there. But cyber criminals are savvy and always attempting to stay ahead of the curve. Secant’s digital security experts have industry certifications and the relevant experience to help protect your organization. With services and solutions like SiteCare 360° and Email Defender, you can trust Secant to help you navigate the increasingly daunting security landscape.

Contact Secant today!

Email or call us to discuss your organization’s digital security strategy!