Different parts of the federal
government try to fight cyber criminals who are stealing money and information
from U.S. businesses and citizens. Major corporations are also fighting cyber
criminals to protect themselves and their clients. Microsoft’s Digital Crimes
Unit (DCU) is a team of attorneys, investigators, data scientists, engineers,
analysts, and business professionals who protect Microsoft’s customers by
fighting cybercrime globally. The unit uses technology, forensics, civil
actions, criminal referrals, and public/private partnerships to protect the
security and privacy of its customers.
In an operation that recently came
to light in the technology press, the unit used innovative techniques to take over
web domains that were being used by cybercriminals in email phishing attacks on
Microsoft customers in 62 countries.
DCU analysis detected a series of
phishing Business Email Compromise (BEC) attacks on its customers. As a result
of its investigation, DCU went to the U.S. District Court for the Eastern District
of Virginia seeking permission to seize control of domains that cybercriminals
used to launch their phishing attacks. With the court’s permission, the DCU seized
those domains shutting down the phishing operation.
The cybercriminals sent phishing
emails to Microsoft clients that were designed to look like they were from a
trusted source in attempts to compromise accounts, steal information, and
redirect wire transfers. Some of the more recent efforts contained messaging
regarding COVID-19 to get the recipient to click on a link. Once clicking on
the link, the recipient would be prompted to grant access permission to a
malicious web application. The web app was also designed to look like it
belonged to a trusted source, however, it was controlled by the cybercriminals
who now had permission to access the victim’s Microsoft Office 365 account.
Business Email Compromise is a major
problem for businesses around the world. The FBI’s 2019 Internet Crime Report
shows that BEC crimes represent almost half of all cybercrime financial losses
for over $1.7 billion in losses. To defeat worldwide cybercriminals, the DCU develops
strong partnerships with local and global law enforcement, security firms,
researchers, NGO’s, and customers to overcome the constraints of jurisdictions
and legal limitations.
To learn more about this operation
and the Digital Crimes Unit check out the following links,
Microsoft:
Infosecurity:
Windows Central:
FBI:
No comments:
Post a Comment