An Israeli cybersecurity company says it's informed the FBI of a massive fraud carried out using ... [+] Microsoft Office 365 emails. It’s a classic but hugely successful case of what’s known as business email compromise (BEC) fraud where crooks impersonate company partners and convince them to send money to their bank accounts. Mitiga said that in one case it investigated, a hacker had learned of a target’s wire transfer by somehow gaining access to an employee’s Office 365 email account. They used 15 different Office 365 accounts to register 150 additional domains, all of them registered on Wild West Domains and designed to imitate other legitimate businesses, Mitiga said. “To further protect customers, Defender for Office 365 (formerly Office 365 ATP) includes rich capabilities to thwart targeted and advanced attacks such as business email compromise, credential phishing and email account compromise.

Source: Forbes September 30, 2020 13:30 UTC