Scammers have become so smart that they use various methods to hack user data and also want to be able to access the devices they are using. These cases have increased significantly, especially during the quarantine period, as more and more people are starting to work online. Microsoft recently discovered a large-scale corporate email compromise (BEC) campaign that covered more than 120 companies with print domains. Other brand websites are also called URL hijacking.
These typo domains were registered a few days ago before they were attacked. These hackers use a variety of methods to steal accounts, including theft or phishing. The email company then uses this data to send payments to its controlled bank accounts and attempts to use gift card fraud to rob employees. The Microsoft Threat Intelligence team pointed out that this pattern is just like a few weeks ago, pointing out this pattern through the use of incorrect TLDs or minor typographical errors in the company name.
Trying to use almost the same primary domain name as microsoft.com for Microsoft.xyz or micrrosoft.com.In addition, they try to email the user to get detailed information. According to the report, 38% of the consumer goods industry was attacked. Although the attackers tried to map the fake domain name to a specific target, Microsoft said that the registered domain name does not always link to the organization contained in the email.
Their methods are sometimes flawed, and when the attacker calls the target employee by name, his research skills are obvious. Microsoft also found that attackers used different strategies to respond incorrectly, creating authenticity in emails, which could lure more employees. Microsoft also said that filling in headers when composing emails makes people feel real, and the scammers are just responding to the main email threads among Yahoo and Outlook users.
This feature distinguishes this campaign from most other campaigns. In BEC activities, the scammer only contains one or a real fake e-mail, which is specially created by including the author, recipient, and subject in the body of the e-mail. It seems that the new email is a response to the current email. These attacks cause huge economic losses every year. According to the report, these BEC attacks caused $1.8 billion in financial losses. The FBI also warned the US corporate sector that the number of such attacks is increasing.
Although the attackers tried to map the fake domain name to a specific target, Microsoft said that the registered domain name does not always link to the organization contained in the email. It seems that the new email is a response to the current email. According to the report, these BEC attacks caused $1.8 billion in financial losses.