Security News > 2020 > July > Microsoft Seizes Malicious Domains Used in Mass Office 365 Attacks

Microsoft has seized several domains associated with a massive hacking campaign, which has targeted Office 365 accounts with phishing and business email compromise emails.

A recent court order issued by U.S. District Court for the Eastern District of Virginia allowed the tech company to disable the domains associated with the email attacks and disband the campaign: "Our civil case has resulted in a court order allowing Microsoft to seize control of key domains in the criminals' infrastructure so that it can no longer be used to execute cyberattacks," according to Tom Burt, corporate vice president, Customer Security and Trust, in a Tuesday post.

In more recent, renewed phishing attacks the emails contained phishing themes leveraging the ongoing coronavirus pandemic - a commonly used lure for email scams, malware attacks and other malicious activities since March.

The campaign, targeting Office 365 users, sent an email that includes a link to register to the training: "COVID-19 Training for Employees: A Certificate for Health Workplaces."

After clicking through the consent prompt for the malicious web app, cybercriminals then received permission to access and control the victims' Office 365 account contents, including email, contacts, notes and material stored in the victims' OneDrive for Business cloud storage space and corporate SharePoint document management and storage system.

News URL

https://threatpost.com/microsoft-seizes-domains-office-365-phishing-scam/157261/