TodayZoo Attack

Microsoft Issues Warning of Recent TodayZoo Attack

Many basic phishing attacks are relatively easy to spot now that many people have an idea of what to look for, but scammers are quickly becoming more and more sophisticated when it comes to finding new ways to carry out scams that are more difficult to detect. Microsoft recently announced that it experienced a significant TodayZoo attack, which is a complex type of phishing attack that likely affected many users.

What Is TodayZoo?

Phishing scams, which involve the attacker sending emails, text messages, or similar types of communication that claim to be from a legitimate person or organization, have become significantly more sophisticated in recent years. Scammers are constantly developing new ways to make phishing attacks more difficult to identify, and mitigating the damage they cause has also become more challenging.

This is particularly true when targets are not sure what they are dealing with. Scammers have come up with a way of combining elements of multiple phishing kits to create a complex attack that is more difficult to recognize and respond to. Microsoft was recently affected by this type of attack, which first appeared in December 2020 and is now known as TodayZoo.

What Are Phishing Kits?

Although targets of phishing scams are often under the assumption that the attacker planned, coded, and executed the scam on their own, many phishing scammers utilize a phishing kit to help them accomplish their attacks. Purchasing these kits gives scammers access to a wide range of tools that make it easier to create a believable and professional-looking phishing email that has a stronger possibility of convincing the target that it is legitimate. These digital kits contain a package of images, HTML pages, scripts, and other materials that assist scammers in creating successful phishing emails.

Scammers typically purchase phishing kits on the dark web, which is a part of the internet that cannot be accessed with a regular browser or tracked, or on another underground forum. If they are unable to find a kit that works exactly how they want it to, they can also purchase multiple kits and piece together parts from each into a final product that matches what they have in mind. These TodayZoo attacks are relatively new, but they are quickly picking up speed because they are more difficult for targets to respond to and give the scammers a higher rate of success. Ironically, Microsoft’s own antivirus software, Microsoft 365 Defender, was the first to detect early TodayZoo attacks in late 2020.

How Was Microsoft Affected by TodayZoo?

Although other TodayZoo attacks have taken place since their inception in late 2020, the recent TodayZoo attack on Microsoft was one of the first successful attacks on a major corporation. Microsoft's disclosure of this major phishing attack on October 21, 2021, revealed that several phishing campaigns combining components of multiple phishing kits had been launched against Microsoft shortly before that date. The attackers used TodayZoo phishing strategies to send emails claiming to be from Microsoft to a large number of users. These emails, which appeared to be credible, pointed to a fake login page that looked legitimate and gave the attackers access to many users’ login credentials.

What Steps Should Microsoft Users Take to Secure Their Personal Information?

All Microsoft users should assume that their personal information may have been included in this data breach, as there is no way to be sure whose passwords were inadvertently compromised. Here are several next steps to take to ensure that your company’s sensitive data is as secure as possible following this threat and in the future.

Change Login Credentials

First and foremost, Microsoft users should change their login credentials if they have not already done so. Although it is not known exactly whose credentials the phishing scammer has gained access to or how many passwords have been leaked, Microsoft estimates these numbers to be high. Changing your password, and informing your employees or coworkers of the need to do the same, is essential to the security of your company’s sensitive information.

Your new password must be difficult to guess and not similar to your old one, so that the attacker cannot access your account even if they have the old password. It may also be a good idea to change your username if you are reasonably able to do so.

Enable Multifactor Authentication

Multifactor authentication requires a second piece of information in addition to your password to gain access to your account. This security measure was created as a backup to keep accounts and password-protected information secure in the event that your password is lost or stolen. Most commonly, after entering a correct password, users must also enter a code that is sent to another device or account, such as a personal email address or company-owned cell phone.

Learn What to Look For

After securing your data following Microsoft’s recent TodayZoo attack, take some time to brush up on what to look for in a potential phishing scam and share this information with the members of your team to decrease the threat of losing personal information to such attacks in the future. Microsoft and other legitimate companies typically will not ask for your login information or other credentials via email, as the TodayZoo attacker did.

Other common signs that an email may be coming from an illegitimate source include multiple typos, spelling mistakes, and unusual word choices that a legitimate company would be unlikely to make. Another is a sense of urgency designed to convince recipients to quickly provide passwords or other sensitive information without taking the time to think about whether the request is legitimate.
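
For teams that want to automate a first pass over reported messages, the signs described above can be turned into a simple triage check. The following is an added example, not code from Microsoft or from the original article; the list of trusted domains, the keyword patterns, and both sample messages are assumptions constructed for illustration, and the sender and link domain comparison goes slightly beyond the signs listed in the text.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: domains accepted as genuinely Microsoft-operated in this example.
BRAND_DOMAINS = ("microsoft.com", "microsoftonline.com", "office.com")
URGENCY = re.compile(r"\b(urgent|immediately|expires? today|suspended)\b", re.I)
CRED_ASK = re.compile(
    r"\b(verify|confirm|update|re-?enter)\b[^.]{0,40}\b(password|credentials|login)\b", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def is_brand_host(host):
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)

def phishing_signs(raw_email):
    """Return the sorted names of the warning signs found in one raw email."""
    msg = message_from_string(raw_email)
    display, addr = parseaddr(msg.get("From", ""))
    subject = msg.get("Subject", "")
    body = " ".join((p.get_payload(decode=True) or b"").decode("utf-8", "replace")
                    for p in msg.walk() if not p.is_multipart())
    text = subject + "\n" + body
    signs = set()
    if "microsoft" in (display + " " + subject).lower():  # message claims the brand
        if not is_brand_host(addr.rpartition("@")[2]):
            signs.add("brand_mismatch_sender")
        if any(not is_brand_host(urlparse(u).hostname) for u in URL.findall(text)):
            signs.add("brand_mismatch_link")
    if URGENCY.search(text):
        signs.add("urgency")
    if CRED_ASK.search(text):
        signs.add("credential_request")
    return sorted(signs)

# Constructed sample messages (not real traffic); .example domains are placeholders.
PHISH = """\
From: "Microsoft Account Team" <security@account-alerts.example>
Subject: Urgent: your password expires today
Content-Type: text/plain

Your mailbox will be suspended. Verify your password immediately at
http://login.account-alerts.example/signin
"""
BENIGN = """\
From: "Microsoft 365 Message Center" <noreply@microsoft.com>
Subject: Monthly service update
Content-Type: text/plain

Release notes are available at https://www.microsoft.com/releases
"""
```

A message that returns several signs is a candidate for manual review; an empty result does not prove a message is safe.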

