Four things to know:
1. In December, the company’s digital crimes unit noticed a new phishing scheme that aimed to access customer emails, contact lists and other sensitive documents. Microsoft was able to squash the application used in the attack, but now is seeing renewed attempts from the same individuals to launch phishing attacks related to COVID-19.
2. The phishing emails mimic emails from users’ employers as well as other trusted sources and target business leaders to either compromise accounts, steal information or redirect wire transfers, according to a blog post from Microsoft. One of the most common terms used in the messages is “COVID-19 Bonus.”
3. Individuals who click on the malicious links are prompted to grant access permissions, which allow the cybercriminals to access the victim’s Microsoft Office 365 account.
4. Microsoft has received a court order allowing it to take control of key domains in the criminals’ infrastructure to prevent further cyberattacks.
More articles on cybersecurity:
Healthcare providers that underwent cyberattacks in 2020 so far
Providence business associate coding error exposes info of 49,511 health plan members
Florida orthopedic group hit with $99M lawsuit over patient data exposure: 3 details
