Skip to main content

COVID-19 scammers kept posing as Microsoft to defraud people — so Microsoft got a court's permission to secretly seize their websites and shut them down (MSFT)

  • Microsoft secretly took control of and shut down a group of malicious websites that scammers were using to trick people into handing over personal information, the company announced Tuesday.
  • The company was able to seize the domains after a US court granted permission to do so last month. The order was granted under seal, blocking the scammers from anticipating the shutdown.
  • The scammers reportedly used the sites to send millions of malicious emails that posed as legitimate Microsoft Office 365 alerts.
  • Microsoft and other security providers are increasingly using civil cases through US courts to more rapidly fight scammers, rather than asking criminal prosecutors to get involved.

Microsoft successfully shut down the servers of scammers who targeted millions of people throughout 62 companies with emails that appeared to look like Microsoft Office 365 alerts — and many of which posed as COVID-19 related — the company announced Tuesday.

To shut down the scam operation, Microsoft used an unorthodox tactic that's becoming increasingly common in cybersecurity — it pursued a civil action against the scammers, getting permission from a judge to secretly seize their domains.

A federal court granted Microsoft the authority to seize the domains in a sealed motion, meaning the scammers didn't know the action was underway until Microsoft secured control of their domains.

"This unique civil case against COVID-19-themed [business email compromise] attacks has allowed us to proactively disable key domains that are part of the criminals' malicious infrastructure, which is a critical step in protecting our customers," Microsoft's consumer security chief, Tom Burt, said in a blog post.

The operation, first reported by TechCrunch, reflects a maneuver that allows Microsoft to fight cyber attacks without asking federal prosecutors to get involved.

Microsoft didn't disclose the identity of the scammers, but said the scams were not carried out by a nation-state actor. The scammers used phishing emails "designed to look like they come from an employer or other trusted source," according to court filings.

Microsoft first identified a version of the scam in December but noted that it returned months later with a COVID-19 theme. Security experts have highlighted similar scams that aim to capitalize on people's fear of COVID-19 throughout 2020.

"While the lures may have changed, the underlying threats remain, evolve and grow, and it's more important than ever to remain vigilant against cyberattacks," Burt said.

NOW WATCH: We tested a machine that brews beer at the push of a button

See Also:

Data & News supplied by www.cloudquote.io
Stock quotes supplied by Barchart
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the following
Privacy Policy and Terms and Conditions.