top of page

Saas as a threat

Saas as a trat
Saas as a treat

Attacks like credential stuffing or email phishing to access SaaS applications are known and most employees are aware of them.

Now, however, a much more dangerous trend is emerging. Instead of attacking a customer's tenant for a SaaS application (e.g., at Microsoft 365), an attacker lures employees into joining a tenant created and controlled directly by the attacker. SaaS applications allow anyone to name their application tenants freely, including the company name and the use of terms such as Teams.

Attackers send invitations directly to employees from the application, asking them to join or register if they aren't already a user.

It is very difficult for employees to recognize that it is an attack, especially if the invitations are tailored to the company's environment. Continuous training of employees for all possible types of attacks is therefore absolutely necessary.


bottom of page