Microsoft Warns About New BEC Campaign Making Money Through Gift Card Scams

  • BEC actors are sending emails via typo-squatted domains to employees working remotely.
  • The messages request the employee to purchase gift cards for the whole remote team.
  • The actors are first doing some reconnaissance on social media profiles and the target’s website.

BEC (Business Email Compromise) campaigns have never stopped being a threat that costs organizations around the globe millions of dollars. Still, Microsoft is now warning about a new campaign built around gift card scams, which could dangerously increase the crooks' rate of success. As Microsoft's report details, the actors are targeting remote-working victims via emails that supposedly come from their boss. The message asks the recipient to purchase gift cards for everyone in the team, supposedly to keep them happy during the pandemic. Sounds legit, right?

The scammers are doing the proper reconnaissance first, scrutinizing social media profiles, the official company website, LinkedIn, etc. This way, they get to learn the names of the bosses, managers, heads of departments, executives, and anyone who could realistically send an instruction for the purchase of gift cards as a morale booster.

According to Microsoft’s report, the most targeted sector by this particular campaign is that of “Consumer goods,” enjoying a share of 38%. The reason for this could be that most of the companies in this field are now working remotely.

The messages of this particular campaign alone were delivered through 120 typo-squatted domains, so an equal number of organizations were impersonated. To avoid blacklisting problems, the actors registered the domains right before the stage of sending out the emails. The scammers didn't bother paying for registrant name masking (WHOIS privacy), since they used auto-generated random names for the registration anyway.

Microsoft points out that defending against the BEC menace is not a simple effort, but the firm has several mechanisms in place created to tackle the problem. First, its artificial intelligence tools can process trillions of signals each day, raising flags for further investigation to be carried out by human threat researchers. These signals concern actor fingerprints, infrastructure, and even phishing and BEC techniques that feature certain identifiable patterns.

Then, Microsoft's Digital Crimes Unit (DCU) works in parallel to take down infrastructure linked with campaigns of this kind. We have seen this happening many times in the recent past, with some notable examples including the "Thallium" group of hackers, the "Necurs" botnet, and also the "Trickbot" botnet.

As for what organizations can do to protect themselves and their workforce against BEC actors, Microsoft suggests the following:

  • Use an email security solution.
  • Conduct email security training.
  • Implement multi-factor authentication.
  • Review your protection against domain spoofing.
  • Implement authentication safeguards for financial transactions.
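As an added illustration of the "domain spoofing" and typo-squatting points above (this is example code written for this page, not Microsoft's detection tooling), the script below triages an inbound message the way a mail-security rule might: it flags a From: domain that imitates a protected domain (edit distance after homoglyph normalization, or the brand embedded with extra tokens), flags a domain registered only days before the message arrived, and flags gift-card wording in the body. The protected domain `examplecorp.com`, the registration-date table standing in for a WHOIS/RDAP lookup, and the two sample messages are all constructed for the example.

```python
"""Lookalike-sender triage for BEC gift-card lures.

Added example for this article; assumes a constructed protected-domain set and a
constructed registration-date table in place of a live WHOIS/RDAP query.
"""
from dataclasses import dataclass
from datetime import date
from email import message_from_string
from email.utils import parseaddr
from typing import List, Optional

# Domains we defend (constructed sample value).
PROTECTED_DOMAINS = {"examplecorp.com"}

# Constructed stand-in for a registration-date lookup (WHOIS/RDAP in practice).
REGISTRATION_DATES = {
    "examplecorp.com": date(2009, 3, 2),
    "examp1ecorp.com": date(2021, 5, 3),   # typo-squat registered days before sending
    "examplecorp-hr.com": date(2021, 5, 4),
    "outlook.com": date(1998, 1, 1),
}

# Digits and symbols commonly swapped for look-alike letters in typo-squats.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "8": "b", "|": "l"})


def normalize(label: str) -> str:
    return label.lower().translate(HOMOGLYPHS)


def edit_distance(a: str, b: str) -> int:
    """Standard Levenshtein distance via the rolling-row DP."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable_label(domain: str) -> str:
    # Crude second-level label; production code would consult a public-suffix list.
    parts = domain.lower().split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def lookalike_of(sender_domain: str) -> Optional[str]:
    """Return the protected domain this sender imitates, or None if it is clean."""
    sender_domain = sender_domain.lower()
    if sender_domain in PROTECTED_DOMAINS:
        return None
    s = registrable_label(sender_domain)
    for prot in PROTECTED_DOMAINS:
        p = registrable_label(prot)
        if edit_distance(normalize(s), normalize(p)) <= 2:
            return prot
        if p in s and s != p:  # brand embedded with extra tokens, e.g. examplecorp-hr
            return prot
    return None


@dataclass
class Verdict:
    sender_domain: str
    imitates: Optional[str]
    domain_age_days: Optional[int]
    flags: List[str]


def triage(raw_message: str, received_on: date, max_age_days: int = 30) -> Verdict:
    """Parse one RFC 5322 message and return the flags a mail rule would raise."""
    msg = message_from_string(raw_message)
    _, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    flags = []
    imitates = lookalike_of(domain)
    if imitates:
        flags.append("lookalike-domain")
    registered = REGISTRATION_DATES.get(domain)
    age = (received_on - registered).days if registered else None
    if age is not None and age <= max_age_days:
        flags.append("newly-registered-domain")
    if "gift card" in msg.get_payload().lower():
        flags.append("gift-card-lure")
    return Verdict(domain, imitates, age, flags)


# Constructed sample messages (not real campaign artifacts).
SAMPLE_LURE = """From: "Dana Reyes (CEO)" <dana.reyes@examp1ecorp.com>
To: pat@examplecorp.com
Subject: Quick favour
Date: Thu, 6 May 2021 09:12:00 +0000

Can you pick up some gift cards for the team today? I'll explain later.
"""

SAMPLE_LEGIT = """From: dana.reyes@examplecorp.com
To: pat@examplecorp.com
Subject: Quarterly review

Reminder: the quarterly review is at 3pm in the main room.
"""

if __name__ == "__main__":
    for raw in (SAMPLE_LURE, SAMPLE_LEGIT):
        print(triage(raw, date(2021, 5, 6)))
```

Any message carrying both `lookalike-domain` and `newly-registered-domain` is a strong candidate for quarantine rather than a mere warning banner, which is the practical form the "review your protection against domain spoofing" advice takes; the domain-age signal is the one that catches the campaign's habit of registering domains right before sending.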
