Microsoft is fighting a network of cyber criminals that it alleges is trying to defraud consumers in 62 countries with COVID-19-related business email compromise (BEC) scams in a renewal of prior malicious activity.
Court documents related to Microsoft’s fight against the alleged cyber criminals were unsealed yesterday by the U.S. District Court for the Eastern District of Virginia, the company says in a blog post.
In an earlier attack uncovered by the firm’s Digital Crimes Unit, bad actors attempted to “gain access to customer email, contact lists, sensitive documents and other valuable information,” Microsoft writes.
The company used technical means to “disable the malicious application” used in that attack. But the same criminal enterprises have renewed their efforts, this time using COVID-19 as a means to lure victims, the firm adds.
Microsoft has won a court order in a civil lawsuit, allowing it to “seize control of key domains in the criminals’ infrastructure so that it can no longer be used to execute cyberattacks,” it says.
It was unclear at deadline which court documents had been unsealed.
Microsoft filed a lawsuit last December against several John Doe defendants, alleging violations of the Computer Fraud and Abuse Act, the Lanham Act, the Electronic Communications Privacy Act and the Anticybersquatting Consumer Protection Act. Records in that case were unsealed in December.
In February, U.S. District Judge Liam O’Grady noted that the defendants had not responded to a December order to show cause, and that Microsoft and its customers would likely suffer “irreparable harm” from ongoing violations.
The judge enjoined the defendants from accessing Microsoft computers and from using such trademarks as Microsoft, Windows, Hotmail, Outlook and Office 365.
In addition, O’Grady ordered that numerous domains being used would be maintained by Microsoft in its account at the domain registrar MarkMonitor.
There was good cause to believe the defendants had “engaged in illegal activity by using deceptive and fake methods to steal computer user’s origin and/or account credentials to use such credentials for illegal purposes,” O’Grady wrote.
The judge added that the situation was “not the result of any lack of due diligence on Microsoft’s part, but instead based upon the nature of defendants’ conduct.”