Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish
| (844) 627-8267

Microsoft cyber signals report highlights growing gift card fraud | #cybercrime | #computerhacker

Story continues below Advertisement

The latest edition of Microsoft’s Cyber Signals report, titled “Cyber Signals: Inside the Growing Risk of Gift Card Fraud,” unveils significant findings on the activities of the cybercriminal group Storm-0539. This group has been exploiting cloud and identity services to compromise gift card issuers, leading to substantial financial losses for many businesses.

Targeting gift card issuers

Story continues below Advertisement

Storm-0539 has been identified targeting large retailers, luxury brands, and fast-food restaurants that issue gift cards. Their methods include phishing, smishing, device registration, and access token theft. By gaining access to employee accounts and gift card portals, the group is able to create and redeem new gift cards or sell them on the black market.

Advanced reconnaissance and camouflage

The report reveals that Storm-0539 conducts extensive research on gift card business processes, federated identity service providers, and employees of targeted organisations. To evade detection, they impersonate legitimate nonprofits to obtain free or discounted cloud resources and register domains that closely resemble legitimate services.

Story continues below Advertisement

Increased activity around holidays

The group has been particularly active during high-demand periods for gift cards. There was a 60% increase in Storm-0539 intrusion activity between September and December 2023, coinciding with the holiday season, and a 30% increase in May 2024. These spikes in activity highlight the group’s strategy to exploit the heightened demand for gift cards during these times.

Implications and recommendations

Story continues below Advertisement

The findings of the Microsoft Cyber Signals report underscore the growing threat posed by cybercriminal groups like Storm-0539. Businesses, particularly those in retail, luxury, and fast-food sectors, need to bolster their cybersecurity measures to protect against such sophisticated attacks.

The report further suggests enhancing employee training on recognising phishing and smishing attempts, implementing robust access controls and multi-factor authentication. Furthermore, conducting regular security audits and penetration testing to identify vulnerabilities is also advised.
Monitoring for unusual activity, especially during peak gift card demand periods can help reduce cyber frauds.


Click Here For The Original Source.