
Punycode Causes Big Problems for Office 365 Online Users

Security for online or on-premise infrastructure can never be taken for granted. We have identified a defense against a new attack that’s targeting Office 365 business users. This is a very real threat to any company using Office 365 email because it is specifically designed to bypass Microsoft security and obtain your users’ corporate IDs and passwords. (Read this article from today’s SC Magazine website: http://www.infosecurity-magazine.com/news/office-365-biz-users-targeted-in/).

How it works

This attack takes advantage of a vulnerability in the way Office 365 email handles so-called ‘punycode’ web addresses: the attacker can send a URL that Office 365 deems benign but that takes the user to a look-alike Office 365 login page.

What is Punycode?

Punycode domain names are used to handle web addresses with non-ASCII characters like the ü in bücher.ch. A Punycode-encoded label starts with the “xn--” prefix, which tells a browser that the label is encoded, so an address like this is represented as xn--bcher-kva.ch.

This attack has bypassed Microsoft Office 365 Advanced Threat Protection because it uses Punycode encoding, which fools Office 365 into believing that the URL is safe.
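One way to surface such links during mail triage, as an added example that is not part of the original post: the Python sketch below pulls URLs out of a message body, finds host labels carrying the “xn--” prefix, and shows the name a user would see once the label is decoded. The function names and the sample message are constructed for illustration; decoding uses the standard library's `punycode` codec.

```python
import re
from urllib.parse import urlsplit

# Hypothetical helper names; the sample message below is constructed.
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def decode_label(label):
    """Decode one DNS label. Returns (unicode_label, had_xn_prefix)."""
    if label.lower().startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode"), True
        except UnicodeError:
            return label, True  # malformed encoded label: still worth flagging
    return label, False

def find_punycode_urls(text):
    """Return one finding per URL whose hostname contains an xn-- label."""
    findings = []
    for url in URL_RE.findall(text):
        try:
            host = urlsplit(url).hostname or ""
        except ValueError:
            continue  # not parseable as a URL, nothing to inspect
        decoded, flagged = [], False
        for label in host.split("."):
            shown, puny = decode_label(label)
            decoded.append(shown)
            flagged = flagged or puny
        if flagged:
            findings.append({
                "url": url,
                "host": host,                         # what filters compare
                "displayed_as": ".".join(decoded),    # what the user reads
            })
    return findings

# Constructed sample body, reusing the encoded name from the text above.
SAMPLE_EMAIL = """Your parcel could not be delivered.
Track it here: http://xn--bcher-kva.ch/track?id=1
Help centre: https://www.example.com/help
"""

if __name__ == "__main__":
    for f in find_punycode_urls(SAMPLE_EMAIL):
        print(f"{f['url']}  ->  displayed as {f['displayed_as']}")
```

Comparing `host` and `displayed_as` side by side makes the gap between the encoded name a filter evaluates and the name a recipient reads explicit, which is the mismatch this attack relies on.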

What can you do?

The New Puny-Phishing: How it works

To explain this attack, we will use an example from a real attack captured in early December 2016. The attacker sent a fake FedEx email with a benign-looking URL that goes to a malicious site.


We can scan your user accounts.

We are offering a scan of your user email accounts to identify which of your users have received this attack so that you can take remediation measures to immediately change their Office 365 and other corporate passwords! Please contact us now at [email protected].

Office 365 Lync Online Mobile Client Now Available

The Lync mobile app was recently made available for the Windows Phone 7 and Android platforms. The Lync mobile app, which can be downloaded from the app store, works with Lync Online, which is part of Office 365, and also with an on-premise Lync server setup.

The Lync mobile app has the following features:

• Instant Messaging
• Contacts
• Join a conference call through the conference provider
• Presence information


Lync Mobile apps for iPhone, iPad, and Nokia are already underway and will be available in their respective marketplaces very soon.

For on-premise Lync servers, an update that enables mobile clients has to be applied to the servers before the Lync mobile app can connect to the on-premise Lync server. For Office 365 Lync Online, these updates are already installed by Microsoft and the mobile app can be used immediately. This underscores how Office 365 takes an update and maintenance headache away from IT.

To connect the Lync Mobile app with Lync Online in Office 365, changes have to be made to the DNS settings. The mobile app settings differ depending on whether you are using a vanity domain or the onmicrosoft.com domain. IOTAP will take care of all these settings and configurations for our Office 365 customers.

Contact Us to discuss your Cloud and Unified communications strategy or click here for details on our Office 365 services