Is Your Business Prepared for a baseStriker Attack?
If your business uses Microsoft 365, then your team might be at risk. It wouldn't be long until a cybercriminal puts you in their crosshair and launches an attack called baseStriker. Worse, they may have already launched their attack on your business.
baseStriker is an attack vector that can infiltrate your Microsoft 365 account. This method allows criminals to send malicious links to your email with a minor tweak on the URL tag. This attack bypasses even the advanced Office 365's defenses like Safe Link and Advanced Threat Protection.
Thinking that their emails are safe, users don't realize that they have already accessed malicious links from hackers. This resulted in hundreds of breached networks worldwide and unrest in the business sector.
So far, it has affected over 100 million users, making it one of the most significant security flaws of the program.
At Intelligent Technical Solutions (ITS), we help businesses protect their network from cyberattacks. We use sophisticated technology to ensure networks' safety and raise awareness of cyber threats.
This article will help you understand the baseStriker attack and its orchestration. We'll also share tips on what you can do to protect your business from such attacks.
What is a baseStriker Attack?
The name baseStriker came from the hacker's method of orchestrating the attack. Using the < base> URL tag, attackers manipulate Microsoft 365's defense measures by splitting and disguising malicious link using the <base> URL tag. This minor tweak tricks the Office 365 software into believing it is safe. Hence, allowing it to bypass all security measures of the program.
Since its inception, baseStriker has grown in popularity among the hacker community. Its penetration through security programs allows criminals to target millions of users worldwide with the least exerted effort.
How is it Carried Out?
Hackers send links to their targets through phishing methods. But how does it get through Office 365's phishing email filtering capabilities? Here's the explanation.
In traditional phishing scams, a malicious link found in an HTML email is blocked by the Office 365 security programs. When these programs see a suspicious link, they perform a lookup using a list of known bad links. Once verified that it is malicious, the security measures will quarantine the email.
Meanwhile, Advanced Threat Protection prevents access to bad URLs by detecting and replacing them with a "safe link."
In baseAttacks, hackers split their URLs into two snippets of HTML: a base tag and a regular href tag. The splitting prevents the Microsoft 365 programs from handling the HTML codes. The program does not identify the bad link, allowing the phishing email through its filters.
What Has Been Done to Stop baseStriker Attacks?
After receiving reports about the baseStriker attacks, Microsoft immediately worked on creating a patch for the vulnerability. Two weeks after its discovery, the company released a security update that helped mitigate the issue. Though it hasn’t brought the cases down to zero, it significantly reduced the number of baseStriker emails that pass through its security programs.
Meanwhile, Gmail came up with their own base tag detector software to protect its users who’re using Microsoft 365. The company’s detectors have worked greatly in suppressing baseStriker emails with cases amounting to almost zero.
What You Should Do to Protect Yourself
Despite the patch release by Microsoft, a handful of phishing emails using the <base> URL tag still find their way to users' inboxes.
If you do receive suspicious messages, don't open them. There's a significant probability it's a phishing email using the baseStriker method. Always practice caution and be on guard for red flags. Here are a few reminders when examining an unfamiliar email:
Always check the sender/source of the email
Check if the email came from a domain or business you recognize. You may also want to check their email address and see if there's a spelling error. Misspelled names and grammar errors are a telltale sign that you're dealing with a hacker.
Ask yourself if the message is suspicious
Hackers play dirty tricks in their scheme. They will play with your emotion to make you do what they want. Often, they will send messages with an urgent tone to put your guard down. These messages range from a compromised account, password change, lottery prize, etc.
Watch out for suspicious links/attachments
Never visit links or attachments from unverified emails. It will only lead you to a bogus website where a hacker can steal your credentials. Meanwhile, the attachments are malware that can harm your network.
We also recommend the use of two-factor authentication. It allows users to reduce their vulnerabilities to information thefts done by malware.
Email filters are a great addition to your security measures, but you shouldn’t rely on them all the time. Hackers have always devised ways to get around them, no matter how advanced they are.
Still, one of the best ways to keep hackers at bay is to educate your team and raise awareness on how to spot phishing emails. Employees should take constant training and refresher courses on cybersecurity to help reduce the vulnerabilities of your business.
Hiring a Managed IT Service Provider (MSP) is also a great way to protect your business. A seasoned MSP can help strengthen your cybersecurity using modern programs and technology. Plus, they conduct proactive systems checks and regular maintenance of your network.
Is Your Business Protected Against baseStriker Attacks?
In a nutshell, baseStriker is a modified phishing attack. It bypasses Microsoft 365's security measures by splitting and disguising malicious links using the <base> URL tag.
Though worrying, the real threat will only occur if you follow their instructions. Never click unverified links or download attachments from suspicious emails. Always be on alert and verify the source first before opening messages. Remember, never reply to an unknown sender.
Use two-factor authentication for enhanced security and encourage your team to take cybersecurity training to increase awareness.
At ITS, we help businesses boost their cybersecurity by providing the necessary tools they need to prevent attacks. We are also committed to raising awareness of cyber threats and how to stop them.
If you want to learn more about how you can improve your business's cybersecurity, then feel free to download our eBook 3 Types of Cyber Security Solutions Your Business Must Have.