Microsoft Seizes 340 Phishing Websites in Major Crackdown to Protect Users from Rising Cybersecurity Threats
Microsoft seized 340 phishing websites tied to Nigerian group Raccoon0365, disrupting massive cyberattacks stealing Microsoft user credentials. The case highlights rising cybersecurity threats and urgent need for stronger business data protection.
Tech Author
Cybersecurity risks are growing more dangerous by the day, and the most recent case highlights how rapidly hackers may ruin enterprises. Microsoft Inc. stated this week that it has taken down over 340 websites associated with Raccoon0365, a Nigerian-based phishing service.
According to Microsoft's Digital Crimes Unit, this service was created to steal sensitive information, particularly Microsoft user credentials.It worked by creating fake login pages where users unintentionally input their usernames and passwords.What makes this particularly concerning is that the service was sold as a subscription basis, which meant that anyone could pay and begin phishing, even without extensive technological expertise.
According to reports, Raccoon0365 operated on Telegram and has over 850 users. Since its start in July 2024, the group has generated more than $100,000 in cryptocurrency.Using this platform, attackers carried out huge phishing campaigns, frequently sending thousands of fake emails at once. These targeted industries around the world, including finance, healthcare, and technology.
One investigation found that over 2,300 organizations in the United States were targeted in only two weeks with tax-related phishing emails. Healthcare institutions were also severely impacted, with at least five organizations losing important credentials. Experts warn that if cybercriminals acquire access to a company's systems, they can misuse data in a variety of ways, including financial fraud and identity theft.
Microsoft identified Joshua Ogundipe, a Nigerian national, as the operator of Raccoon0365. With the help of Cloudflare and the US Secret Service, Microsoft was able to seize the domains and prevent further accounts from being created.
The case highlights an important lesson that cyberattacks do not always require advanced technology.Even simple platforms, such as Raccoon0365, may causes significant damage to people and businesses.This is why cybersecurity awareness, strong passwords, and multi-factor authentication are more critical than ever.
For businesses, a single data breach can result in a loss of client trust, a damaged reputation, and significant financial loss. To remain safe in today's digital environment, all organizations, large and small, must prioritize cybersecurity.
This article is based on information from Reuters
