Spam is a constant in the modern world. Whether it’s a personal or business email address, most people are inundated with all kinds of scams and schemes. New research from the Microsoft 365 Defender Threat Intelligence team breaks down one of the most common patterns, business email compromise (BEC) attacks.
These types of attacks attempt to trick people into approving payments, transferring money, or in the case of a specific campaign being reviewed by Microsoft, purchasing gift cards.
These types of attacks involve deceiving people who might not be looking at the recipient’s email address. A scammer will send an email claiming to be from someone’s boss or someone in a position of authority and then ask for funds somehow.
VPN offers: lifetime license for $ 16, monthly plans for $ 1 and more
Often times, scammers use typo-squatted domains, which are fake domains that look real at a glance. For example, a scammer might add a letter to a website domain, like microsofft.com.
These types of attacks are quite old, but they are probably still in use because they are effective. The crooks wouldn’t keep using the same tactics if they didn’t work. The fact that Microsoft Defender for Office 365 detects and blocks these threats can also indicate that people need to be protected against them.
Microsoft’s report isn’t written to be comical, but it highlights a stupid mistake made by a specific set of crooks. The campaign that Microsoft covers in its article did not use the correct organization names in an attempt to fool people. It would be like someone pretending to be your boss but saying they worked for the wrong company.
We can earn a commission for purchases using our links. Learn more.