Cyber threats are becoming more sophisticated, and the 'Request for Quote' scam is a prime example of this. It’s a devious attack which can compromise your Microsoft 365 account. All Senior Managers and everyone in the finance function – especially those responsible for payments – need to be aware of it.
Here’s how the scam works and the steps you can take to protect your organisation.
To sum up, you follow up what seems like a legitimate enquiry, and are presented with what appears to be a legitimate login page. Unfortunately, the deception works because it mimics legitimate business practices – right until the time you click to view that document.
Cybercrime is a major problem but by following a few simple steps and embedding good practice into your organisation you can reduce your risk.
Always confirm the identity of anyone requesting sensitive information.
Use established, secure methods for sharing business information. Be wary of sudden changes in communication channels.
Equip your staff with the knowledge to recognise and report phishing attempts.
Use multi-factor authentication and consider using Azure AD Premium 2. This identity and access management solution offers additional protection and helps to thwart attackers even if they have your credentials.
Be ready with a comprehensive plan for security incidents to ensure you can act swiftly and effectively.
Use advanced threat protection
Choose software that can detect and respond to threats in real time.
We hope this information will help you avoid falling victim to the Request for Quote scam, but remember, you have to be vigilant – cyber threats are always changing. It’s always preferable to take proactive steps to defend your business rather than trying to repair the damage after an attack.