US District Court for the Eastern District of Virginia has ruled that the company can seize six domains that were being used in a widespread phishing campaign. Microsoft said the campaign targeted users in sixty-two countries around
the world, and it capitalized on fears surrounding COVID-19. Notably, the attackers didn’t use credential-harvesting login portals to trick victims into entering their usernames and passwords. Instead, the emails contained links that requested permissions
for a malicious web app that impersonated Office 365.
Learn more >