Microsoft Removes Domains Used to Scam Office 365 Users

Share post:

Microsoft’s Digital Crimes Unit (DCU) has seized 17 malicious domains used by scammers in a business email compromise (BEC) campaign targeting the company’s clients.

The domains captured by Microsoft were so-called “homoglyph” domains, which were registered as legitimate businesses and allowed fraudsters to pose as companies while communicating with their customers.

According to the complaint filed by Microsoft last week, they used the domains registered via NameSilo LLC and KS Domains Ltd. / Key-Systems GmbH as a malicious infrastructure in BEC attacks on Office 365 customers and services.

According to Microsoft, the criminals behind this campaign are “part of a massive network that appears to be based out of West Africa” and have mainly targeted North American small businesses operating in multiple industries.

This is not the first time that Microsoft has seen such incidents. In the past, Microsoft 365 Defender researchers disrupted the cloud-based infrastructure used by another massive BEC campaign.

In some cases, the methods of BEC fraudsters seem to lack sophistication, and their phishing emails may look distinctly malicious to some. BEC attacks are behind the record-breaking financial losses since 2018.

The FBI’s annual report on cybercrime lists a record $1.8 billion in losses reported last year alone.

In March, the FBI also warned of BEC attacks increasingly targeting U.S. state, local, tribal and territorial government units.

In other warnings sent out last year, the FBI warned of BEC scammers abusing automatic email forwarding and cloud email services such as Microsoft Office 365 and Google G Suite in their criminal activities.

For more information, read the original story in BleepingComputer.

SUBSCRIBE NOW

Related articles

Hamilton Estimates $52 Million to Rebuild IT Systems After Ransomware Attack

The city of Hamilton plans to spend $52 million over the next three years to rebuild and secure...

Avery Data Breach: Credit Card Skimmer Affects Over 61,000 Customers

Label maker Avery has disclosed a data breach affecting 61,193 customers, caused by a credit card skimmer that...

Scammed Company Ordered to Pay $190k for Fraudulent Invoice Payment

A hacker gained access to Mobius Group’s email system and sent instructions from a legitimate email address, directing...

Sneaky 2FA: A Sophisticated Attack Defeats Both 2FA and Phishing Protections

A new phishing kit, ominously named "Sneaky 2FA," has emerged, targeting Microsoft 365 users by bypassing two-factor authentication...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways