Microsoft 365 Defender researchers have dismantled the cloud computing infrastructure used to orchestrate a large-scale business email compromise (BEC) campaign.
In a joint blog post, Stefan Sellmer of the Microsoft 365 Defender Research Team and Nick Carr of the Microsoft Threat Intelligence Center (MSTIC) share details on the malicious cloud infrastructure, which was spread across several web services.
The researchers explain that the campaign compromised mailboxes using phishing and forwarding rules, with the aim of getting hold of emails about financial transactions.
“This survey also shows how cross-threat data, enriched with analyst expert information, result in protection against actual global threats, both in terms of attack detection through products such as Microsoft Defender for Office 365, as well as deducting operations and infrastructure,” write the researchers.
This campaign comes on the heels of another BEC campaign, a poorly executed one, that used a hundred domains to hit its targets.
Stealth attacks
Microsoft’s analysis revealed that the attackers rely on a robust cloud infrastructure to automate their operations.
The attackers also found a way to get around multi-factor authentication (MFA) by exploiting legacy protocols such as POP3/IMAP, which the targets had forgotten to disable.
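An added example (not from the Microsoft post or this article) of how a defender might triage mailbox telemetry for the two behaviours described above: rules that forward financial mail outside the organization, and successful POP3/IMAP sign-ins. The record schema, keyword list and tenant domain are assumptions, and the sample records are constructed.

```python
# Assumed, simplified record schema; real audit logs differ per product.
FINANCE_TERMS = {"invoice", "payment", "statement", "wire"}  # assumed keywords
LEGACY_PROTOCOLS = {"POP3", "IMAP"}   # the protocols named in the article
INTERNAL_DOMAINS = {"example.com"}    # placeholder tenant domain


def suspicious_rule(rule):
    """True if a rule forwards outside the tenant and filters on finance terms."""
    external = [a for a in rule.get("forward_to", [])
                if a.rsplit("@", 1)[-1].lower() not in INTERNAL_DOMAINS]
    words = {w.lower() for w in rule.get("keywords", [])}
    return bool(external) and bool(words & FINANCE_TERMS)


def legacy_signin(event):
    """True for a successful POP3/IMAP sign-in, the MFA gap the article describes."""
    return event["success"] and event["protocol"].upper() in LEGACY_PROTOCOLS


def triage(rules, signins):
    """Map each user to the sorted list of findings raised for that mailbox."""
    found = {}
    for r in rules:
        if suspicious_rule(r):
            found.setdefault(r["user"], set()).add("external-finance-forward")
    for e in signins:
        if legacy_signin(e):
            found.setdefault(e["user"], set()).add("legacy-protocol-signin")
    return {user: sorted(tags) for user, tags in found.items()}


# Constructed sample records (not data from the campaign).
RULES = [
    {"user": "ap@example.com", "forward_to": ["drop@mail.invalid"],
     "keywords": ["Invoice", "Payment"]},
    {"user": "hr@example.com", "forward_to": ["boss@example.com"],
     "keywords": ["payment"]},
    {"user": "it@example.com", "forward_to": ["vendor@partner.invalid"],
     "keywords": ["newsletter"]},
]
SIGNINS = [
    {"user": "ap@example.com", "protocol": "imap", "success": True},
    {"user": "hr@example.com", "protocol": "IMAP", "success": False},
    {"user": "it@example.com", "protocol": "HTTPS", "success": True},
]

if __name__ == "__main__":
    print(triage(RULES, SIGNINS))
```

A mailbox that raises both findings, as `ap@example.com` does here, matches the pattern the article describes and is the first to review.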
Disable attack vectors
The researchers note that this BEC attack shows the stealthy nature of email campaigns that blend in with legitimate traffic.
The researchers also took the opportunity to highlight some of the mechanisms built into Office 365 that help defend users against these BEC campaigns, including the use of artificial intelligence (AI) to detect anomalous behavior.
They conclude by emphasizing that it is important to maintain a comprehensive defense strategy that covers both the pre-breach and post-breach stages.