Microsoft neuters Office 365 account attacks that used clever ruse


Microsoft has neutered a large-scale fraud campaign that used knock-off domains and malicious apps to scam customers in 62 countries around the world.

The software maker and cloud-service provider last week obtained a court order that allowed it to seize six domains, five of which contained the word “office.” The company said attackers used them in a sophisticated campaign designed to trick CEOs and other high-ranking business leaders into wiring large sums of money to the attackers rather than to trusted parties. An earlier BEC (business email compromise) campaign that the same group carried out in December used phishing attacks to obtain unauthorized access; its emails used generic business themes such as quarterly earnings reports. Microsoft used technical means to shut it down.

The attackers returned with a new BEC campaign that took a different tack: instead of tricking targets into logging in to lookalike sites, and consequently divulging their passwords, the scam used emails that instructed the recipient to grant what purported to be a Microsoft app access to their Office 365 account. The latest scam used the COVID-19 pandemic as a lure.
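Because this variant never touches the password, a defender has to watch consent grants rather than logins. The following is an added example (not code from the article or from Microsoft) that triages a batch of OAuth consent-grant records and flags the pattern described above: a Microsoft- or Office-branded app from an unverified publisher asking for persistent mailbox access. The record layout and the scope names are assumptions, a simplified constructed shape rather than the real Microsoft audit schema.

```python
"""Flag suspicious OAuth consent grants of the kind described above.

Added example, not code from the article or from Microsoft. The record
layout is an assumption: a simplified, constructed shape for consent-grant
audit records, not the real Azure AD / Microsoft Graph schema.
"""
import re

# Scopes that let a third-party app read or send mail on the user's behalf
# and keep that access after the session ends (assumed names, modelled on
# common Microsoft Graph permission strings).
HIGH_RISK_SCOPES = {"Mail.Read", "Mail.ReadWrite", "Mail.Send", "offline_access"}

# Display names that borrow Microsoft/Office branding to look legitimate.
BRAND_IMPERSONATION = re.compile(r"(microsoft|office\s*365|outlook)", re.IGNORECASE)


def assess_consent(record):
    """Return the reasons a consent grant deserves review ([] if none)."""
    reasons = []
    name = record.get("app_display_name", "")
    publisher_verified = record.get("publisher_verified", False)
    scopes = set(record.get("scopes", []))
    if BRAND_IMPERSONATION.search(name) and not publisher_verified:
        reasons.append("Microsoft-branded name from an unverified publisher")
    risky = scopes & HIGH_RISK_SCOPES
    if risky and not publisher_verified:
        reasons.append("unverified app granted " + ", ".join(sorted(risky)))
    if record.get("consent_type") == "user" and "offline_access" in scopes:
        reasons.append("user-level consent includes persistent offline_access")
    return reasons


def triage(records):
    """Map grant id -> reasons, keeping only grants that need review."""
    flagged = {}
    for record in records:
        reasons = assess_consent(record)
        if reasons:
            flagged[record["grant_id"]] = reasons
    return flagged


# Constructed sample records (not from the article).
SAMPLE_GRANTS = [
    {"grant_id": "g1", "app_display_name": "Office 365 Mail Connector",
     "publisher_verified": False, "consent_type": "user",
     "scopes": ["Mail.Read", "Mail.Send", "offline_access"]},
    {"grant_id": "g2", "app_display_name": "Contoso Expense Tracker",
     "publisher_verified": True, "consent_type": "admin",
     "scopes": ["User.Read"]},
]

if __name__ == "__main__":
    for grant_id, why in triage(SAMPLE_GRANTS).items():
        print(grant_id, "->", "; ".join(why))
```

In a real tenant the same logic would run over exported consent audit events, and the first reason alone is usually enough to justify revoking the grant and reviewing the mailbox for forwarding rules.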


Businesses in 62 countries targeted in financial fraud scam.
