Posti impersonation phishing and M365 security guidance

Summary

Text messages impersonating Posti (Finnish postal service) are being used to phish for bank credentials. Review also covers how companies can improve M365 information security.

Key Details

• Attack: SMS phishing impersonating Posti
• Target: Bank credentials
• Additional: M365 security improvement guidance
• Timeline: Early April 2023

Notes

• Brand impersonation (trusted organization)
• SMS as attack vector
• Confidence: high