COVID-19 scammers kept posing as Microsoft to defraud people — so Microsoft got a court's permission to secretly seize their websites and shut them down (MSFT)

The company was able to seize the domains after a US court granted permission to do so last month. The order was granted under seal, blocking the scammers from anticipating the shutdown.
The scammers reportedly used the sites to send millions of malicious emails that posed as legitimate Microsoft Office 365 alerts.
Microsoft and other security providers are increasingly using civil cases through US courts to more rapidly fight scammers, rather than asking criminal prosecutors to get involved.

Visit Business Insider's homepage for more stories .

Microsoft successfully shut down the servers of scammers who targeted millions of people throughout 62 companies with emails that appeared to look like Microsoft Office 365 alerts and many of which posed as COVID-19 related the company announced Tuesday.

To shut down the scam operation, Microsoft used an unorthodox tactic that's becoming increasingly common in cybersecurity it pursued a civil action against the scammers, getting permission from a judge to secretly seize their domains.

A federal court granted Microsoft the authority to seize the domains in a sealed motion, meaning the scammers didn't know the action was underway until Microsoft secured control of their domains.

"This unique civil case against COVID-19-themed [business email compromise] attacks has allowed us to proactively disable key domains that are part of the criminals' malicious infrastructure, which is a critical step in protecting our customers," Microsoft's consumer security chief, Tom Burt, said in a blog post .

The operation, first reported by TechCrunch , reflects a maneuver that allows Microsoft to fight cyber attacks without asking federal prosecutors to get involved.

Microsoft didn't disclose the identity of the scammers, but said the scams were not carried out by a nation-state actor. The scammers used phishing emails "designed to look like they come from an employer or other trusted source," according to court filings.

Microsoft first identified a version of the scam in December but noted that it returned months later with a COVID-19 theme. Security experts have highlighted similar scams that aim to capitalize on people's fear of COVID-19 throughout 2020.

"While thelures may have changed, the underlying threats remain, evolve and grow, and it's more important than ever to remain vigilant against cyberattacks," Burt said.

NOW WATCH: How waste is dealt with on the world's largest cruise ship