IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Microsoft seizes domains used in COVID-19 phishing attacks

The tech giant's bid to take down websites used in business email compromise attacks was accepted by US court

A US District Court has accepted a bid from Microsoft to seize and take control of web domains used in phishing attacks that exploit concerns around the coronavirus. 

The tech giant announced that it's Digital Crimes Unit (DCU) had taken down a business email compromise operation on Tuesday. 

The unit first observed the criminal activity in December 2019, when a sophisticated phishing scheme designed to compromise Microsoft customer accounts was deployed. 

The hackers attempted to infiltrate customer email accounts, contact lists, sensitive documents and more in order to send emails to companies that look like they came from a trusted source. The overall goal was to steal information or redirect wire transfers.

When the group first began carrying out its scheme, the phishing emails contained deceptive messages associated with generic business activities. Malicious links were titled 'Q4 Report - Dec19', for instance. Microsoft said it used technical means to block the criminal activity and disable the malicious applications.

However, the same criminals attempted a fresh campaign using COVID-19-related phishing emails to target victims. The emails were designed to look like they originated from an employer or other trusted sources, Microsoft said. These were used to targeted business leaders across a number of industries.

"Today, the US District Court for the Eastern District of Virginia unsealed documents detailing Microsoft's work to disrupt cybercriminals that were taking advantage of the COVID-19 pandemic in an attempt to defraud customers in 62 countries around the world," Tom Burt, corporate VP of customer security & trust wrote in a blog.

"Our civil case has resulted in a court order allowing Microsoft to seize control of key domains in the criminal's infrastructure so that it can no longer be used to execute cyberattacks."

US businesses lost more than $1.7 billion as a result of business email compromise attacks, according to the FBI. 

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Cloud security market to hit $106 billion by 2029
cloud computing

Cloud security market to hit $106 billion by 2029

11 Apr 2022
Education and government most at risk from email threats
phishing

Education and government most at risk from email threats

26 Nov 2021
Attackers use CSS to fool anti-phishing systems
phishing

Attackers use CSS to fool anti-phishing systems

11 Nov 2021
Alkira offers Check Point CloudGuard Security to secure virtual cloud networks
Cloud

Alkira offers Check Point CloudGuard Security to secure virtual cloud networks

29 Sep 2021

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Microsoft says it's provided over $100 million in tech support to Ukrainian government
cyber attacks

Microsoft says it's provided over $100 million in tech support to Ukrainian government

20 May 2022