Microsoft Takes Down COVID-19 Cyber Criminals to Eliminate "Business Email Compromise" Attacks

Shine Li  Jul 09, 2020 16:44  UTC 08:44

2 Min Read

Scammers have been taking advantage of the confusion caused by COVID-19 pandemic and the subsequent worldwide economic crisis in order to retrieve sensitive information and phish personal data from Microsoft users.

It was reported by Corporate Vice President of Microsoft, Tom Burt, that Microsoft users from at least 62 countries around the world have been defrauded by cyber criminals phishing for sensitive data. The online hackers operated by sending COVID-19 labeled files to a victim’s email account, which were purposely marketed in a way that incited users to click on the malware. Following that, malicious web applications were then able to access the victims’ Microsoft Office 365 account.

This is known as a form of Business Email Compromise (BEC) attack. It has become increasingly sophisticated and complex to prevent, as new software is constantly developing, and scammers have upgraded to more creative phishing schemes.

Luckily, following a court order issued by the US District Court for the Eastern District of Virginia, Microsoft has finally been able to seize control of the key domains in the cyber criminals’ infrastructure, in an effort of putting an end to cyberattacks targeting their multinational tech company. 

FBI Internet Crime Reports

With cybercrime on the rise, the FBI’s 2019 Internet Crime Report indicated that BEC attacks figured among the most costly complaints, resulting in over $1.7 billion of financial damages. FBI also reported that from 2016-2019, businesses lost approximately $26 billion dollars due to fraudulent emails.

According to Safepost, the use of decentralized technology in emails have yet to be fully utilized and a blockchain-based solution would solve the majority of problems that traditional email providers faced. A decentralized email solution would entail that messages would be stored in shared ledgers. In other words, no single authority would be able to dictate how your data was used. 

Monero Used in Cybercrime

With phishing attacks being increasingly common in the crypto world, virtual currencies, such as Zcash and Monero (XMR), are more and more favoured by scammers because of their privacy features. XMR stands at the top of the list for the most private cryptocurrencies on the market. Because it operates on blockchain technology and its network is obfuscated, Monero is a popular choice employed by cybercriminals in carrying out illicit cyber scams.


Image source: Shutterstock


Read More