Security News > 2020 > July > Microsoft sues coronavirus phishing spammers to seize their domains amid web app attacks against Office 354.5
Microsoft has taken legal action to seize web domains being used to launch coronavirus-themed phishing attacks.
"Microsoft's Digital Crimes Unit first observed these criminals in December 2019, when they deployed a sophisticated, new phishing scheme designed to compromise Microsoft customer accounts," said the mega-corp in a blog post this week.
The phishing lures included bait text such as "COVID-19 Bonus," said Microsoft.
Upon clicking links provided in the phishing emails, victims were sent to a web app demanding extra permissions.
Redmond has not shied away from legal action over the years, the most high-profile sueball being its ongoing case against the American government to stop agents helping themselves to non-US customer data stored on non-US-based Microsoft servers.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/07/08/microsoft_sues_office_365_phishers/
Related news
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Microsoft 365 outage takes down Office web apps, admin center (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft disrupts ONNX phishing-as-a-service infrastructure (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- New Rockstar 2FA phishing service targets Microsoft 365 accounts (source)
- GenAI makes phishing attacks more believable and cost-effective (source)