Home Cybercrime Microsoft has taken legal action against COVID-19-related cybercrime

Microsoft has taken legal action against COVID-19-related cybercrime

Affecting 62 Countries and with having sent out millions of phishing lure emails, Microsoft sues to gain control of cybercriminal domains.

What’s the skinny? Earlier today the U.S District Courts unsealed documents that detailed Microsoft’s efforts to disrupt cybercriminals that were taking advantage of the COVID-19 pandemic. The cyber attacks Microsoft is looking to thwart affect 62 countries around the world. Microsoft’s civil case resulted in a court order that would allow Microsoft to seize control over key domains that the cybercriminals were using to trick would be victims into believing they were interacting with a legitimate Microsoft domain.

Microsoft said they first observed these cybercriminals back in December of 2019, before the outbreak. Back then the attacks where thwarted by Microsoft’s digital crime unit by using technical means to block the criminals activity and disable the malicious application used in the attack.

Photo Credit: Microsoft

Now with the pandemic in full swing, these cybercriminals are back at it again, however this time they are using the outbreak as a way to disguise their phishing emails and trick would be victims into clicking on their contents.

Once the victim had clicked the malicious link, a web app disguised as a Microsoft app would open up prompting the victim to give permissions, grant access and control over the users Office 365 account contents. The attacker would now have access to the victims email, contacts, notes and material stored in the users OneDrive for Business cloud storage space and corporate SharePoint document management and storage system. Below is an example of the malicious web app that is looking to be given access to the victims Office 365 account.

Photo Credit: Microsoft

Microsoft takes many measures to monitor and block malicious web apps based on telemetry indicating atypical behavior and has continued to enhance our protections based on this activity. In cases where criminals suddenly and massively scale their activity and move quickly to adapt their techniques to evade Microsoft’s built-in defensive mechanisms, additional measures such as the legal action filed in this case are necessary. This unique civil case against COVID-19-themed BEC attacks has allowed us to proactively disable key domains that are part of the criminals’ malicious infrastructure, which is a critical step in protecting our customers.

Tom Burt – Corporate Vice President, Customer Security & Trust

Tom Burt says “To further protect yourself against phishing campaigns, including BEC, we recommend, first, that you enable two-factor authentication on all business and personal email accounts. Second, learn how to spot phishing schemes and protect yourself from them. Third, enable security alerts about links and files from suspicious websites and carefully check your email forwarding rules for any suspicious activity. Businesses can learn how to recognize and remediate these types of attacks and also take these steps to increase the security of their organizations.”

Avatar
Charles Leverehttps://www.riverbankwebdesign.ca/
Charles Levere is the editor-in-chief (dork-in-chief) of Urban Dork. When he is not writing, or tinkering with hardware, he is most likely playing one of his favorite video games. He also loves being near the water, kayaking, water skiing or anything that gets him on the water and in the sun.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows 10

Windows 10 update KB4586876 is intended for versions 2004 and 20H2. This update installed on my test system has been running without issue for...

Immortals Fenyx Rising out today on PC

Explore a beautiful, breathtaking world as you take on mythological beasts, build your legend, and carve out your destiny, and slay Typhon. If you...

NVIDIA game ready driver release Version 457.51

This driver provides support for the new RTX 3060 Ti and includes a few new bug fixes. What’s New in Version 457.51 WHQL GeForce Game Ready...

NVIDIA set to release their 3060 Ti December 2, 2020

What's the skinny? NVIDIA is releasing their RTX 3060 Ti tomorrow, December 2, 2020, ahead of their RTX 3060. NVIDIA is claiming that the...

Sam & Max Save the World out on PC December 2, 2020

Some of the original developers updated the original Sam & Max Save the World with the blessing of the creator Steve Purcell. Release Date:...

Recent Comments