Business email compromise

Read our investigation of a BEC campaign that used attacker-created email infrastructure to facilitate gift card theft targeting the consumer goods, process manufacturing and agriculture, real estate, discrete manufacturing, and professional services sectors.

The post Business email compromise campaign targets wide range of orgs with gift card scam appeared first on Microsoft Security.

Read More Business email compromise campaign targets wide range of orgs with gift card scam

Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.

Read More Malicious Office 365 Apps Are the Ultimate Insiders