In brief

  • Microsoft took legal action against scammers who are using coronavirus-themed cyber attacks to steal sensitive information or money from users.
  • Users would receive emails with coronavirus labeled files, which would allow malicious web apps access to their Microsoft Office 365 account.
  • Microsoft has received a court order and is now allowed to shut down the harmful websites that host malware.

Tech giant Microsoft has taken legal action against scammers who are using the coronavirus to con its users out of sensitive information or money.

Documents unsealed today by the U.S. District Court for the Eastern District of Virginia show that Microsoft has obtained a court order to shut down websites that host malware, said the company. 

Scammers have taken advantage of the coronavirus to con Microsoft users out of their money or sensitive information, said the company. Many, it said, involve “business email compromise” (BEC) attacks, where victims are lured into clicking on dodgy emails. 

Microsoft said that many of the attacks against its users in 2020 are coronavirus related. An email might contain a file labeled “COVID-19 Bonus,” which, when opened, prompted users to provide malicious web apps with access to their Microsoft Office 365 account, as well as the email, contacts, notes and files stored within Microsoft’s cloud storage system.

“This scheme enabled unauthorized access without explicitly requiring the victims to directly give up their login credentials at a fake website or similar interface, as they would in a more traditional phishing campaign,” said Microsoft. 

In its efforts to “remain vigilant against cyberattacks,” Microsoft has used the court order to “to proactively disable key domains that are part of the criminals’ malicious infrastructure.” 

Microsoft cited the FBI’s 2019 Internet Crime Report. The FBI found that a total of $1.7 billion was lost to BEC fraud, about half of the $3.5 billion lost to cybercriminals. Though not all cybercriminals loot cryptocurrencies, $159 million worth of crypto was taken from victims of cybercrime last year, according to the FBI. 

Phishing attacks are common in the crypto world; virtual currencies, such as Bitcoin and Monero, are favored by scammers for their privacy features.

Among high profile victims was the host of the “Protocol Podcast,” Eric Savics, who last month lost 12 Bitcoin ($113,000 at the time) when he punched his wallet’s information into a malicious version of the KeepKey app.

Unsolicited donors helped him out after Savics uploaded a gut-wrenching speech, but Savics later returned the Bitcoin. “It doesn’t feel right that I am amassing these donations whilst others have been through so much worse,” he tweeted.