Microsoft’s Digital Crimes Unit (DCU) has seized 17 malicious domains used by scammers in a business email compromise (BEC) campaign targeting the company’s customers.

According to the complaint filed by Microsoft last week, they used the domains registered via NameSilo LLC and KS Domains Ltd./Key-Systems GmbH as malicious infrastructure in BEC attacks against Office 365 customers and services.

“Defendants use malicious homoglyph domains together with stolen customer credentials to unlawfully access customer accounts, monitor customer email traffic, gather intelligence on pending financial transactions, and criminally impersonate O365 customers, all in an attempt to deceive their victims into transferring funds to the cybercriminals,” Microsoft said.

“The relief sought in this action is necessary to stop the cybercriminals and prevent irreparable and ongoing harm to Microsoft and its customers.”

READ
MyRepublic Singapore Data Breach Exposes Nearly 80k Users' Personal Info