Microsoft sues coronavirus phishing spammers to seize their domains amid web app attacks against Office 354.5 Microsoft has taken legal action to seize web domains being used to launch coronavirus-themed phishing attacks. The Windows giant obtained an order from US courts allowing it to seize domains being used for phishing, having first spotted the miscreants doing their thing in December 2019. “Microsoft’s Digital Crimes Unit (DCU …
Article headline at the time of writing this: amid web app attacks against Office 265
Now, I know they've had a lot of downtime, and I've variously heard it referred to as Office 364, Office 360 and so on, but a whole 100 days? At that point, probably safer to host your data on a stack of knockoff Chinese 5.25" floppy disks held onto your fridge with a magnet.
Yeah yeah, I should use the "Send a correction" link, but this was too funny not to call out!
Why not tag every Office downtime story with a certain tag and, if an article carries this tag, subtract the number of articles this year with this tag from 365 and replace the string "365" in the headline with this number.
Unfair, probably. Enlightening and funny, certainly.
...it'd be nice if they could stop the silly DoS crap originating from some of their *.outbound.protection.outlook.com servers.
Stuff like this, where they just connect and then drop the connection over and over:
07/07/2020 13:04:41 - ( 2911) EHLO GBR01-LO2-obe.outbound.protection.outlook.com
07/07/2020 13:04:41 - ( 2911) 250-Welcome, mail-lo2gbr01lp2055.outbound.protection.outlook.com [104.47.21.55], pleased to meet you
07/07/2020 13:04:41 - ( 2911) 250-AUTH=LOGIN
07/07/2020 13:04:41 - ( 2911) 250-AUTH LOGIN
07/07/2020 13:04:41 - ( 2911) 250-SIZE 20971520
07/07/2020 13:04:41 - ( 2911) 250-ETRN
07/07/2020 13:04:41 - ( 2911) 250 HELP
07/07/2020 13:04:41 - ( 2911) Error: [10054] Connection reset by peer
This post has been deleted by its author
Maybe the sender's send connector enforces TLS.
Given the DNS PTR naming convention, it looks like this might be part of their low-quality/SRS IP pool. At least that's what I gather from reading the tea leaves.
But it doesn't sound like you're missing anything important, nevertheless. :)
Other [genuine] email from MS servers comes through ok, so I don't think it's TLS-related (though it's a good thought).
And even if MS did want to only transmit over TLS, their servers should end the conversation cleanly with QUIT, not just drop the connection.
Mostly, it's their hypocrisy that peeves me.
That is O365, so Microsoft has a baseline configuration for send connectors, but their tenants are free to do whatever they want, including enforcing TLS for one or all destination domains or relays, so on and so forth.
It is unfortunate that they don't execute a QUIT either and instead allow the socket to age out.
That's my server announcing that email of up to 20MB will be accepted.
That seems like a reasonable limit in the modern world - not too small to interfere with normal traffic, not too big to choke the server.
IME, the UCE that does get through actually tends to be quite small (well below that 20MB limit) - it's not often that junk comes with huge attachments.
“This scheme enabled unauthorized access without explicitly requiring the victims to directly give up their login credentials at a fake website or similar interface "
No problem here, I don't have a Borkzilla account, so there's nothing to phish.
You see, I have an innate distrust of anything that tries to tie me into its universe. That's why I don't have a YouTube account, or a FaceBook account, or an Office x65 account. I fail to see why I should give you all the details of my comings and goings on the Internet, since it's none of your clucking business.
Quite apart from it being Microsoft, possibly the most ethical corporation in Hades, who else feels disquiet at any company on earth having it's own 'Crimes Unit ?
Like those American Railroads having their own police back in the day --- though even then they had the cover of municipal badges, given by compliant local authorities; whilst ordinary tycoons had the decency at least to hire Pinkertons and other private muscle [ including US soldiers ] whenever they wanted workers beaten, killed or machine-gunned along with their family members in the Land of the Free.
Personal police forces are a bad idea.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
