Crooks hook hundreds of exec accounts after phishing in Azure C-suite pond

The number of senior business executives stymied by an ongoing phishing campaign continues to rise with cybercriminals registering hundreds of cloud account takeovers (ATOs) since spinning it up in November. Researchers from Proofpoint listed many C-suite roles as prime targets for the unnamed attackers, as well as other …

  1. Anonymous Coward

    Waiting to hear

    I'm waiting to hear if MS knows what accounts have been abused and email sent to and are NOTIFYING people.

    Or just being MS and letting their customers/victims find out for themselves the hard way.

  2. Doctor Syntax Silver badge

    When going phishing it's always best to go for the big phish.

  3. Kevin McMurtrie Silver badge

    It's the CF gang

    It's the phishing gang that hangs out on a certain crime-friendly site with the initials "C.F." It's high quality phishing that buys clever domain names and has good site cloning. The gang has been refining their techniques on CF, AWS, and Google for years.

    I emailed Microsoft security a few times in November when phishing and attacks were suddenly flooding in from Microsoft business accounts. Nothing happened so I blocked Microsoft on my personal server. That fixed it for me.

    I checked my server logs now and it looks like Microsoft is mostly, but not entirely, cleaned up.

    (CF because The Reg sometimes deletes posts with the full name.)

  4. Anonymous Coward

    C-suite locked out of accounts...

    ...and productivity improves.

  5. IGotOut Silver badge

    Of course they would target C-Suite

    Because those Princesses demand that they have full admin rights, have unrestricted internet access and are allowed to install any software they want, because "Well don't you know who I am"

    Combined with the "P4ssw0rd1" syndrome, because anything else is too difficult to remember when the PA isn't about and there you go.

  6. t245t Silver badge
    Linux

    Malicious document LINKS~1 are security risk.

    As security conscious Reg readers know only too well, being sent a link to a document from an unknown sender should immediately be a red flag for any user

    Except on Linux which doesn't have that open-and-run feature of that other system.
