Active Stocks
Mon Mar 18 2024 15:55:53
  1. Tata Steel share price
  2. 149.60 5.69%
  1. Tata Motors share price
  2. 972.20 2.75%
  1. ITC share price
  2. 417.40 -0.51%
  1. State Bank Of India share price
  2. 730.70 -0.18%
  1. ICICI Bank share price
  2. 1,082.00 0.32%
Business News/ Technology / News/  Warning! Microsoft unearths phishing attack that mimics big brands. How to stay safe
BackBack

Warning! Microsoft unearths phishing attack that mimics big brands. How to stay safe

An investigation led Microsoft to a large-scale phishing-as-a-service operation called BulletProofLink

Microsoft claims that the knowledge they gained during the investigation enhances Microsoft Defender for Office 365 protectionPremium
Microsoft claims that the knowledge they gained during the investigation enhances Microsoft Defender for Office 365 protection

Microsoft has conducted extensive research on phishing attacks. The tech giant has unearthed a surprisingly systematic way of how malicious actors are using sub-domains to bluff users. The software giant came across a campaign that used a high volume of newly created and unique subdomains—over 300,000 in a single run. 

The investigation led the company to a large-scale phishing-as-a-service operation called BulletProofLink, which sells phishing kits, email templates, hosting, and automated services at a relatively low cost.

The service comes with over 100 phishing templates that mimic known brands and services. The research further claims that the BulletProofLink operation is responsible for many of the phishing campaigns that impact enterprises today. 

Microsoft, in a blog, stated that BulletProofLink (also referred to as BulletProftLink or Anthrax by its operators in various websites, ads, and other promotional materials) is used by multiple attacker groups in either one-off or monthly subscription-based business models, creating a steady revenue stream for its operators.

The company claims that the knowledge they gained during the investigation ensures that Microsoft Defender for Office 365 protects customers from the campaigns that the BulletProofLink operation enables. 

BulletProofLink operators offer over 100 templates and operate with a highly flexible business model. This business model allows customers to buy the pages and “ship" the emails themselves and control the entire flow of password collection by registering their own landing pages or make full use of the service by using the BulletProofLink’s hosted links as the final site where potential victims key in their credentials.

The templates are designed to evade detection while successfully phishing for credentials, but may vary based on the individual purchasing party. 

How to deal with phishing threats?

According to the Microsoft blog, in order to build resilience against phishing attacks in general, organizations can use anti-phishing policies to enable mailbox intelligence settings, as well as configure impersonation protection settings for specific messages and sender domains. Enabling SafeLinks ensures real-time protection by scanning at time of delivery and at time of click.

Microsoft strongly recommends enabling multifactor authentication and blocking sign-in attempts from legacy authentication.

Additionally, the Windows operating system provides tools in Microsoft Defender for Office 365 to deal with phishing attacks . 

Unlock a world of Benefits! From insightful newsletters to real-time stock tracking, breaking news and a personalized newsfeed – it's all here, just a click away! Login Now!

Catch all the Technology News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates & Live Business News.
More Less
Published: 23 Sep 2021, 12:29 PM IST
Next Story footLogo
Recommended For You
Switch to the Mint app for fast and personalized news - Get App