Court Lets Microsoft Seize Web Domains Used in COVID-19 Phishing/BEC Scams and Fraud

Filip TRUȚĂ

July 08, 2020

A U.S. court order has allowed Microsoft to seize control of key domains controlled by fraudsters to halt criminal activity after an increase in scams targeting users of Office 365.

The U.S. District Court for the Eastern District of Virginia this week unsealed documents detailing a cat-and-mouse chase between Microsoft and a group of alleged state-sponsored fraudsters.

Originally observed by Microsoft's Digital Crimes Unit (DCU) in December 2019, the group recently renewed its phishing techniques, switching from corporate messaging to scams exploiting the COVID-19 scare.

The civil case against the hackers produced a court order allowing the Windows maker to seize control of key criminal infrastructure. According to the announcement, the campaign appears to be state sponsored and targets business leaders with classic phishing and business email compromise (BEC) techniques.

“This malicious activity is yet another form of business email compromise (BEC) attack, which has increased in complexity, sophistication and frequency in recent years,” Microsoft says in a blog post.

But unlike the average phishing/BEC scam, in which attackers try to siphon credentials from the victim, this scheme goes for direct access to the victim's Office 365 account.

“Once victims clicked on the deceptive links, they were ultimately prompted to grant access permissions to a malicious web application (web app),” Microsoft explains.

“Unknown to the victim, these malicious web apps were controlled by the criminals, who, with fraudulently obtained permission, could access the victim's Microsoft Office 365 account,” the company says.

If successful, the attacker gained instant access to the victim's email, contacts, notes and any content in the victim's OneDrive for Business cloud storage space and corporate SharePoint document management and storage system.

The company advises Office 365 users to enable two-factor authentication on all business and personal email accounts and urges users to study up on devious phishing scams. Bitdefender also recommends using a trusted security solution on all personal devices.
