Security News > 2020 > July > Microsoft sues coronavirus phishing spammers to seize their domains amid web app attacks against Office 354.5
Microsoft has taken legal action to seize web domains being used to launch coronavirus-themed phishing attacks.
"Microsoft's Digital Crimes Unit first observed these criminals in December 2019, when they deployed a sophisticated, new phishing scheme designed to compromise Microsoft customer accounts," said the mega-corp in a blog post this week.
The phishing lures included bait text such as "COVID-19 Bonus," said Microsoft.
Upon clicking links provided in the phishing emails, victims were sent to a web app demanding extra permissions.
Redmond has not shied away from legal action over the years, the most high-profile sueball being its ongoing case against the American government to stop agents helping themselves to non-US customer data stored on non-US-based Microsoft servers.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/07/08/microsoft_sues_office_365_phishers/
Related news
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ Countries (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- Microsoft fixes Power Pages zero-day bug exploited in attacks (source)
- Botnet targets Basic Auth in Microsoft 365 password spray attacks (source)
- Microsoft launches ad-supported Office apps for Windows users (source)
- Microsoft tests ad-supported Office apps for Windows users (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)