Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign

Credit to Author: Eric Avena| Date: Mon, 14 Jun 2021 16:00:44 +0000

Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise (BEC) infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add forwarding rules, enabling these attackers to get access to emails about financial transactions.

The post Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign appeared first on Microsoft Security Blog.

Read more

Forrester names Microsoft a Leader in the 2021 Enterprise Email Security Wave

Credit to Author: Lauren Goodwin| Date: Thu, 06 May 2021 16:00:26 +0000

Today, organizations face an evolving threat landscape and an exponentially increasing attack surface. Email represents the primary attack vector for cybercrime, and security teams are in search of efficient and cost-effective means to minimize the risk of these threats and the impact they have on organizational productivity and innovation. We are proud to announce today…

The post Forrester names Microsoft a Leader in the 2021 Enterprise Email Security Wave appeared first on Microsoft Security.

Read more

Business email compromise campaign targets wide range of orgs with gift card scam

Credit to Author: Eric Avena| Date: Thu, 06 May 2021 16:00:15 +0000

Read our investigation of a BEC campaign that used attacker-created email infrastructure to facilitate gift card theft targeting the consumer goods, process manufacturing and agriculture, real estate, discrete manufacturing, and professional services sectors.

The post Business email compromise campaign targets wide range of orgs with gift card scam appeared first on Microsoft Security.

Read more

Business email compromise: How Microsoft is combating this costly threat

Credit to Author: Lauren Goodwin| Date: Thu, 06 May 2021 16:00:07 +0000

Business email compromise is the costliest phishing attack threat to organizations. In this post, we explore how it works and strategies to fight it.

The post Business email compromise: How Microsoft is combating this costly threat appeared first on Microsoft Security.

Read more

What tracking an attacker email infrastructure tells us about persistent cybercriminal operations

Credit to Author: Eric Avena| Date: Mon, 01 Feb 2021 17:00:06 +0000

Sweeping research into massive attacker infrastructures, as well as our real-time monitoring of malware campaigns and attacker activity, directly inform Microsoft security solutions, allowing us to build or improve protections that block malware campaigns and other email threats, both current and future, as well as provide enterprises with the tools for investigating and responding to email campaigns in real-time.

The post What tracking an attacker email infrastructure tells us about persistent cybercriminal operations appeared first on Microsoft Security.

Read more

Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them

Credit to Author: Eric Avena| Date: Mon, 30 Nov 2020 22:30:31 +0000

BISMUTH, which has been running increasingly complex cyberespionage attacks as early as 2012, deployed Monero coin miners in campaigns from July to August 2020. The group’s use of coin miners was unexpected, but it was consistent with their longtime methods of blending in.

The post Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them appeared first on Microsoft Security.

Read more