Microsoft takes apart COVID-19-themed phishing infrastructure

Microsoft revealed that it obtained a court order allowing it to take control of certain domains that cybercriminals used to carry out COVID-19-themed phishing and other forms of cyber attacks. As a result, the threat actors in question can no longer use the seized IT infrastructure to commit cybercrime.

How hackers executed the Office 365 phishing attacks

As with any other phishing campaign, the attackers sent malicious emails appearing to originate from a trusted source. They took advantage of the fact that many companies around the world expect some form of COVID-19 financial bailout, and used that theme to trick their targets into harmful interactions with malicious web applications.

As you'd expect, the cybercriminals sent the victims malicious links. This time around, however, the hackers did not explicitly ask the victim to supply their O365 security credentials via a web-based form. Instead, clicking on a malicious link led to a prompt requiring the target to give access rights to a malware-loaded web app. Since the criminals control the malicious app, they may now compromise the victim's O365 account.

Apparently, any O365 app or tool can be a target for such attacks, from Microsoft Teams to OneDrive. Users, therefore, have no option but to be on high alert and implement adequate cybersecurity measures.

Have you had any experience with COVID-19-themed cyber attacks? Kindly let us know via the comments section below.
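A mail filter or analyst can triage the kind of access-rights prompt described above by inspecting the link itself. The sketch below is an added example, not code from Microsoft or from this article. It assumes the prompt is an OAuth 2.0 authorization request to the Microsoft identity platform; the permission list, the approved-app allow-list, the function name and the sample URLs are all constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Assumption: permissions this example treats as high-risk when a user grants them.
HIGH_RISK = {"mail.read", "mail.readwrite", "mail.send", "files.read.all",
             "files.readwrite.all", "contacts.read", "notes.read.all"}
# Assumption: application (client) IDs your organisation has vetted (constructed value).
APPROVED_APPS = {"11111111-1111-1111-1111-111111111111"}

def assess_consent_link(url):
    """Classify a link taken from an email; None means it is not a consent request."""
    parts = urlsplit(url)
    # The prompt is served by the genuine sign-in host, so a domain reputation
    # check passes; the risk is carried in the query parameters.
    if (parts.hostname or "").lower() != "login.microsoftonline.com":
        return None
    if not parts.path.lower().endswith("/authorize"):
        return None
    q = parse_qs(parts.query)
    client_id = q.get("client_id", [""])[0].lower()
    # Scopes are space-separated and may be full URIs such as
    # https://graph.microsoft.com/Mail.Read, so keep only the last path segment.
    scopes = {s.rsplit("/", 1)[-1].lower() for s in q.get("scope", [""])[0].split()}
    risky = sorted(scopes & HIGH_RISK)
    approved = client_id in APPROVED_APPS
    return {
        "client_id": client_id,
        "redirect_uri": q.get("redirect_uri", [""])[0],
        "approved_app": approved,
        "risky_scopes": risky,
        # offline_access lets the app obtain a refresh token for long-lived access.
        "persistent": "offline_access" in scopes,
        "verdict": "allow" if approved else ("block" if risky else "review"),
    }

# Constructed sample links (the client IDs and redirect host are placeholders).
BASE = "https://login.microsoftonline.com/common/oauth2/v2.0/authorize"
UNKNOWN_APP = (BASE + "?client_id=22222222-2222-2222-2222-222222222222"
               "&response_type=code&redirect_uri=https%3A%2F%2Fapp.example%2Fcallback"
               "&scope=openid%20offline_access%20Mail.Read%20Files.ReadWrite.All")
VETTED_APP = (BASE + "?client_id=11111111-1111-1111-1111-111111111111"
              "&response_type=code&scope=openid+profile")

if __name__ == "__main__":
    for link in (UNKNOWN_APP, VETTED_APP, "https://example.com/login"):
        print(assess_consent_link(link))
```

A "block" or "review" verdict here is a triage signal only; the authoritative record of what a user actually granted is the tenant's list of app consent grants.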
