Microsoft dismantles COVID-19-themed phishing campaigns
Updated on October 4, 2023
We recently wrote an article on how malicious players have been increasingly carrying out COVID-19-themed phishing attacks. The bad actors recently made Office 365 users some of their favorite targets, but it appears that Microsoft’s Digital Crimes Unit (DCU) has been closely tracking some of them.
Microsoft takes apart COVID-19-themed phishing infrastructure
Microsoft revealed that it obtained a court order allowing it to take control of certain domains that cybercriminals used to carry out COVID-19-themed phishing and other forms of cyberattack. As a result, the threat actors in question can no longer use the seized infrastructure to commit cybercrime.
Today, the U.S. District Court for the Eastern District of Virginia unsealed documents detailing Microsoft’s work to disrupt cybercriminals that were taking advantage of the COVID-19 pandemic in an attempt to defraud customers in 62 countries around the world. Our civil case has resulted in a court order allowing Microsoft to seize control of key domains in the criminals’ infrastructure so that it can no longer be used to execute cyberattacks.
How hackers executed the Office 365 phishing attacks
As with any other phishing campaign, the attackers sent malicious emails appearing to originate from a trusted source.
They took advantage of the fact that many companies around the world expect some form of COVID-19 financial bailout. So, they used that theme to trick their targets into harmful interactions with malicious web applications.
As you’d expect, the cybercriminals sent the victims malicious links.
This time around, the hackers did not explicitly ask the victim to supply their O365 security credentials via a web-based form. Instead, clicking on a malicious link led to a prompt requiring the target to give access rights to a malware-loaded web app.
Since the criminals control the malicious app, they may then compromise the victim’s O365 account.
Apparently, any O365 app or tool can be a target for such attacks, from Microsoft Teams to OneDrive. Users, therefore, have no option but to be on high alert and implement adequate cybersecurity measures.
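Because the attack described above depends on a user granting an attacker-controlled app access to their account, one defensive measure is to review which apps hold delegated permissions in the tenant. The following is an added example, not code from the original article or from Microsoft; it assumes the grants were exported in the shape of Microsoft Graph's oauth2PermissionGrant records, and the scope list, the allowlist and all sample data are constructed for illustration.

```python
# Added example: flag delegated permission grants that look like consent phishing.
# Field names (clientId, consentType, principalId, scope) follow Microsoft Graph's
# oauth2PermissionGrant resource. Scope list and sample records are constructed.

# Assumption: delegated scopes that expose mail, files, contacts or notes.
DATA_SCOPES = {
    "mail.read", "mail.readwrite", "mail.send", "mailboxsettings.readwrite",
    "files.read.all", "files.readwrite.all", "contacts.read", "notes.read.all",
}

def review_grants(grants, approved_client_ids):
    """Return findings for unapproved apps holding data-access scopes, worst first."""
    findings = []
    for g in grants:
        if g["clientId"] in approved_client_ids:
            continue  # app is on the organisation's allowlist
        scopes = {s.lower() for s in (g.get("scope") or "").split()}
        risky = sorted(scopes & DATA_SCOPES)
        if not risky:
            continue  # sign-in/profile scopes only
        # offline_access lets the app obtain refresh tokens and keep its access
        persistent = "offline_access" in scopes
        # "AllPrincipals" is tenant-wide (admin) consent; "Principal" is one user
        tenant_wide = g.get("consentType") == "AllPrincipals"
        findings.append({
            "clientId": g["clientId"],
            "principalId": g.get("principalId"),
            "risky_scopes": risky,
            "persistent": persistent,
            "severity": "high" if (persistent or tenant_wide) else "medium",
        })
    return sorted(findings, key=lambda f: f["severity"] != "high")

# Constructed sample data: not real tenant records.
SAMPLE_GRANTS = [
    {"clientId": "sp-approved-crm", "consentType": "AllPrincipals",
     "principalId": None, "scope": "User.Read Mail.Read"},
    {"clientId": "sp-unknown-notes", "consentType": "Principal",
     "principalId": "user-031", "scope": "Notes.Read.All"},
    {"clientId": "sp-unknown-relief-app", "consentType": "Principal",
     "principalId": "user-017",
     "scope": "User.Read Mail.Read Files.ReadWrite.All offline_access"},
    {"clientId": "sp-unknown-calendar", "consentType": "Principal",
     "principalId": "user-022", "scope": "openid profile User.Read"},
]

if __name__ == "__main__":
    for f in review_grants(SAMPLE_GRANTS, {"sp-approved-crm"}):
        print(f["severity"], f["clientId"], f["principalId"], f["risky_scopes"])
```

Each finding names the app and the consenting user, so the grant can be reviewed and revoked if the app is not recognised.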
Don Sharpe
Tech Journalist
Don has been writing professionally for over 10 years now, but his passion for the written word started back in his elementary school days. His work has been published on Livebitcoinnews.com, Learnbonds.com, eHow, AskMen.com, Forexminute.com, The Writers Network and a host of other companies.