Product, Service, Component: Autodesk Drive
Impact: Shared Phishing Links
Original Publish: 4/30/2024
AUTODESK TRUST CENTER
Advisories are used to communicate information related to vulnerabilities identified with Autodesk® products and services. This includes any fixes or workarounds that are applicable to the affected product.
Product, Service, Component: Autodesk Drive
Impact: Shared Phishing Links
Original Publish: 4/30/2024
In March, Autodesk was made aware of an incident where an external user published documents to Autodesk Drive containing links to a phishing web site. Our Cyber Threat Management & Response Team immediately responded to this incident, and the malicious files are no longer being hosted on Autodesk Drive. No customers have reported being impacted by this incident.
A common security attack is to embed malicious links in documents to propagate phishing campaigns, fraud and scams. Autodesk Drive is a cloud storage solution that allows individuals and small teams to organize, preview, and share design and model data within various file types, including PDFs. A recent phishing campaign involved both Autodesk Drive and Microsoft OneDrive where hackers uploaded PDF documents containing links to a phishing web site, where recipients were instructed to input their Microsoft credentials.
In addition to continually monitoring our services for malicious use, Autodesk provides security controls within our products to help customers lower their susceptibility to phishing attempts like these. To reduce the risk of a phishing attempt, please make sure you follow the recommendations below:
We also recommend employing the following best practices to identify and report suspected malicious links and files.
We are committed to continuous improvement of our security scanning capabilities to prevent bad actors from misusing our cloud services to host malicious content or any other violation of Autodesk policies.
Disclaimer
INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” IN CONNECTION WITH AUTODESK PRODUCTS. AUTODESK AND/OR ITS RESPECTIVE SUBSIDIARIES, AFFILIATES, SUPPLIERS AND LICENSORS AND ITS AND THEIR DIRECTORS, OFFICERS, EMPLOYEES, AGENTS AND REPRESENTATIVES MAKE NO REPRESENTATIONS ABOUT THE SITE, ANY PRODUCTS AND SERVICES CONTAINED ON THE SITE OR THE SUITABILITY OF THE INFORMATION CONTAINED IN THE MATERIALS, INFORMATION, CONTENT, DOCUMENTS, AND RELATED GRAPHICS PUBLISHED ON THIS SITE FOR ANY PURPOSE. THE SITE, ANY PRODUCTS OR SERVICES (INCLUDING WITHOUT LIMITATION, THIRD PARTY PRODUCTS AND SERVICES) OBTAINED THROUGH THE SITE, AND ALL SUCH INFORMATION, CONTENT, DOCUMENTS, AND RELATED GRAPHICS ARE PROVIDED FOR YOUR USE AT YOUR OWN RISK AND "AS IS" WITHOUT WARRANTY OF ANY KIND. AUTODESK AND/OR ITS RESPECTIVE SUBSIDIARIES, AFFILIATES, SUPPLIERS AND LICENSORS HEREBY DISCLAIM ALL WARRANTIES AND CONDITIONS WITH REGARD TO THIS SITE, SUCH PRODUCTS AND SERVICES AND SUCH INFORMATION, CONTENT, DOCUMENTS, AND RELATED GRAPHICS, INCLUDING ALL IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NON-INFRINGEMENT.
© 2024, Autodesk, Inc.