Home Cybercrime Microsoft has taken legal action against COVID-19-related cybercrime

Microsoft has taken legal action against COVID-19-related cybercrime

Affecting 62 Countries and with having sent out millions of phishing lure emails, Microsoft sues to gain control of cybercriminal domains.

What’s the skinny? Earlier today the U.S District Courts unsealed documents that detailed Microsoft’s efforts to disrupt cybercriminals that were taking advantage of the COVID-19 pandemic. The cyber attacks Microsoft is looking to thwart affect 62 countries around the world. Microsoft’s civil case resulted in a court order that would allow Microsoft to seize control over key domains that the cybercriminals were using to trick would be victims into believing they were interacting with a legitimate Microsoft domain.

Microsoft said they first observed these cybercriminals back in December of 2019, before the outbreak. Back then the attacks where thwarted by Microsoft’s digital crime unit by using technical means to block the criminals activity and disable the malicious application used in the attack.

Photo Credit: Microsoft

Now with the pandemic in full swing, these cybercriminals are back at it again, however this time they are using the outbreak as a way to disguise their phishing emails and trick would be victims into clicking on their contents.

Once the victim had clicked the malicious link, a web app disguised as a Microsoft app would open up prompting the victim to give permissions, grant access and control over the users Office 365 account contents. The attacker would now have access to the victims email, contacts, notes and material stored in the users OneDrive for Business cloud storage space and corporate SharePoint document management and storage system. Below is an example of the malicious web app that is looking to be given access to the victims Office 365 account.

Photo Credit: Microsoft

Microsoft takes many measures to monitor and block malicious web apps based on telemetry indicating atypical behavior and has continued to enhance our protections based on this activity. In cases where criminals suddenly and massively scale their activity and move quickly to adapt their techniques to evade Microsoft’s built-in defensive mechanisms, additional measures such as the legal action filed in this case are necessary. This unique civil case against COVID-19-themed BEC attacks has allowed us to proactively disable key domains that are part of the criminals’ malicious infrastructure, which is a critical step in protecting our customers.

Tom Burt – Corporate Vice President, Customer Security & Trust

Tom Burt says “To further protect yourself against phishing campaigns, including BEC, we recommend, first, that you enable two-factor authentication on all business and personal email accounts. Second, learn how to spot phishing schemes and protect yourself from them. Third, enable security alerts about links and files from suspicious websites and carefully check your email forwarding rules for any suspicious activity. Businesses can learn how to recognize and remediate these types of attacks and also take these steps to increase the security of their organizations.”

Charles Leverehttps://www.riverbankwebdesign.ca/
Charles Levere is the editor-in-chief (dork-in-chief) of Urban Dork. When he is not writing, or tinkering with hardware, he is most likely playing one of his favorite video games. He also loves being near the water, kayaking, water skiing or anything that gets him on the water and in the sun.


Please enter your comment!
Please enter your name here

Most Popular

Google to replace Play Music with YouTube Music by the end of 2020

What's the skinny? Google gives us more details on how and when Play Music will be replaced with YouTube Music.

SpaceX has submitted a request with the FCC to up its initial client user base from 1 million to 5 million

What's the skinny? SpaceX says due to overwhelming demand for its Starlink services, they have put in a request with the FCC...

Amazon’s low orbit satellite internet code named Project Kuiper gets FCC approval

What's the skinny? In a blog post Amazon announced that their low earth orbit (LEO) satellite constellation that will be used to...

Despite the current climate, AMD reports 26% growth in second-quarter earnings call

What's the skinny? AMD recently announced revenue of $1.93 billion, for their second quarter of 2020 despite the current COVID-19 climate.

Recent Comments