Phishing Campaign Targeted Millions of Office 365 Users

The malicious emails grew profoundly to capitalize on the pandemic.

Microsoft recently revealed that its customers were targeted in a massive phishing campaign that has since December sought to defraud users in more than 60 countries.
 
Microsoft said that the attack "targeted business leaders across a variety of industries, attempting to compromise accounts, steal information and re-direct wire transfers." Based on trends discovered in December, the tech giant used technological means to block the operation of the attackers and deactivate the malicious code used in the attack. The company has now encountered renewed attempts by the same offenders, this time using COVID-19-related lures in the phishing emails to target victims.
 
According to the company, the campaign was vast, hitting millions of Microsoft Office 365 users with attempted hacks in a single week. Microsoft has repelled the scheme through a recent court decision that authorized the firm to take over domains used by cybercriminals and prevent them from being used for cyber-attacks.
 
 
Source: Microsoft 
 
Microsoft explained that once victims clicked on the deceptive links contained in fake emails, they were eventually prompted to grant access permissions to a malicious web application (web app). These malicious web apps enabled attackers to access the victim’s Microsoft Office 365 account without requiring the victims to give up their login credentials directly.
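
A defensive review of the kind of consent grant described above, as an added example that is not from Microsoft or the original article: it scans records shaped like Microsoft Graph oauth2PermissionGrant objects and flags apps that hold mail, file or contact scopes. The risky-scope list, the approved-app allowlist and all sample ids are assumptions constructed for illustration.

```python
import json

# Assumed review policy (not from the article): delegated scopes that give an
# app ongoing access to mail, files or contacts without the user's password.
RISKY_SCOPES = {"mail.read", "mail.readwrite", "mail.send", "files.readwrite.all",
                "contacts.read", "mailboxsettings.readwrite"}
PERSISTENCE_SCOPE = "offline_access"  # lets the app obtain refresh tokens

# Constructed sample in the shape of Microsoft Graph oauth2PermissionGrant
# objects; every id below is a placeholder.
SAMPLE_GRANTS = json.loads("""
[
  {"id": "grant-1", "clientId": "sp-known-crm", "consentType": "AllPrincipals",
   "principalId": null, "scope": "User.Read openid profile"},
  {"id": "grant-2", "clientId": "sp-unknown-app", "consentType": "Principal",
   "principalId": "user-cfo", "scope": "offline_access Mail.Read Contacts.Read"},
  {"id": "grant-3", "clientId": "sp-unknown-app", "consentType": "Principal",
   "principalId": "user-ceo", "scope": " Mail.ReadWrite  MailboxSettings.ReadWrite"},
  {"id": "grant-4", "clientId": "sp-known-crm", "consentType": "Principal",
   "principalId": "user-sales", "scope": "Mail.Send"}
]
""")

def review_grants(grants, approved_clients=frozenset()):
    """Return one finding per grant that gives a non-approved app risky scopes."""
    findings = []
    for g in grants:
        # "scope" is a space-separated string; normalise case and whitespace.
        scopes = {s.lower() for s in (g.get("scope") or "").split()}
        risky = sorted(scopes & RISKY_SCOPES)
        if not risky or g.get("clientId") in approved_clients:
            continue
        findings.append({
            "grant": g["id"], "app": g["clientId"], "user": g.get("principalId"),
            "consent": g.get("consentType"),  # "Principal" = one user consented
            "risky_scopes": risky,
            # Refresh-token access means the grant outlives a password reset.
            "severity": "high" if PERSISTENCE_SCOPE in scopes else "medium",
        })
    return findings

if __name__ == "__main__":
    for f in review_grants(SAMPLE_GRANTS, approved_clients={"sp-known-crm"}):
        print(f)
```

Because access comes from the grant rather than the password, a flagged grant has to be revoked; resetting the user's password alone does not remove it.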
 
The tech giant said that it takes various measures to monitor and block malicious web apps based on telemetry indicating atypical behavior and has continued to intensify its protections based on this activity. This recent civil case against COVID-19-themed business email compromise (BEC) attacks has also permitted the company to proactively disable key domains that are part of the criminals’ malicious infrastructure, which is a critical step in protecting customers.