1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Microsoft takes down hundreds of malicious websites used in phish

    From TechnologyDaily@1337:1/100 to All on Friday, November 22, 2024 16:15:05
    Microsoft takes down hundreds of malicious websites used in phishing scams

    Date:
    Fri, 22 Nov 2024 16:09:00 +0000

    Description:
    240 fraudulent websites seized by Microsofts Digital Crimes Unit.

    FULL STORY ======================================================================The Microsoft Digital Crimes Unit has seized 240 fraudulent sites The sites were used by ONNX to sell phishing templates Phishing attacks target millions of users per month

    Millions of phishing emails targeting victims every day use do it yourself phishing kits developed by Egypt-based ONNX - but the Microsoft Digital Crimes Unit has now seriously disrupted this operation, seizing 240
    fraudulent websites used to help sell Phishing-as-a-Service (PaaS) kits.

    Phishing poses a real threat to individuals and organizations alike, with successful phishing attacks delivering devastating financial and data loss . Cybercriminals have taken this further by developing kits to sell to other criminals to help develop widespread phishing campaigns and bypass security measures by intercepting MFA requests.

    The attacks that originate from the do it yourself kits represent a significant portion of the tens of millions of phishing attacks Microsoft accounts receive each month. The ONNX operation is one of the top five phish kit providers by email volume in 2024, according to Microsofts digital
    defense reports, so the disruption is significant. Name and shame

    Microsoft has decided to publicly name the individual behind the storefront, Abanoub Nady (known online as MRxC0DER), who has been tied to the operation
    as far back as 2017, and is well established in the PaaS sphere.

    ONNX offers a tiered subscription service, with basic, professional, and enterprise plans - which are promoted, sold, and configured through Telegram, and they even provide how to videos for criminals to properly implement the phishing kits.

    Many of the kits used a technique called quishing, or QR code phishing ,
    which prompts users to scan codes where they are redirected to malicious fake websites to enter personal or payment information.

    As weve said before, no disruption is complete in one action. Effectively combatting cybercrime requires persistence and ongoing vigilance to disrupt new malicious infrastructure, said Assistant General Counsel, Microsofts Digital Crimes Unit, Steven Masada.

    While todays legal action will substantially hamper the fraudulent ONNXs operations, other providers will fill the void, and we expect threat actors will adapt their techniques in response. You might also like Take a look at our pick of the best antivirus software around Phishing attacks surge as cybercriminals adopt AI tools and multi-channel tactics Check out our choices for best malware removal software



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/microsoft-takes-down-hundreds-of-malici ous-websites-used-in-phishing-scams


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)