Microsoft reveals attacks based on phishing-as-a-service operation: Here’s how to stay safe
Microsofthas revealed an investigation of a large-scale phishing-as-a-service operation.
- These service providers enable attacks on users by selling
phishing kitsto its customers.
- Microsoft recommends some practices to counter
In a blog post by Microsoft 365 Defender Threat Intelligence Team, the company explains how phishing attacks are enabled by phishing-as-a-service operators, their infrastructure and the economy of such scams. Their customers are scammers and attackers who use these services in either one-off or monthly subscription-based business models
Like any service provider, phishing operators who work with interchangeable aliases like Anthrax, BulletProftLink offers its customers ready-to-use phishing kits for single payment. It also offers a host of services like a software-based service provider like template creation, website creation and hosting, and overall organisation of the phishing scam.
Many of these service providers offer their customers fully undetectable links that claim to remain viable until the users click on it. The templates that are sold avoid detection while phishing for credentials, such as login passwords.
Microsoft claims that Defender for Office 365 protects its customers from phishing attacks such as those enabled by BulletProofLink.
How to counter phishing attacks:
- Enable multi factor authentication and blocking sign-in attempts from legacy authentication.
- Use anti-phishing policies to enable mailbox intelligence settings.
- Configure impersonation protection settings for specific messages and sender domains.
- Enable SafeLink in Defender for Office 365 to ensure real-time protection by scanning at the time of delivery and at the time of click.
AdvertisementRealme Narzo 50 to Samsung Galaxy M52 5G — phones launching in India this month
You can now record apps that are spying on you using iOS 15
Here’s how to create more space in Google Drive
Popular on BI
- 'Harry Potter' had a chance to represent Indian kids like me, but all we got were Parvati and Padma Patil's atrocious Yule Ball outfits
- Manchester United owners are getting drawn to the world's biggest cricket league – here's why
- Elon Musk sparks another Shiba Inu rally ‘to the moon’ — other Shiba coins follow suit
- Dream 11 parent Dream Sports to hire 200 people in India across various domains
- Snap's stock plummets by 22% as Apple’s iPhone privacy changes hit its advertising business
- Twitter now lets anyone on Android and iOS host Spaces
- PUBG: New State with ‘PC-like’ gameplay will officially launch on November 11
- Nykaa has added a skincare brand to its shopping cart, a week before its IPO