Today, Microsoft’s Digital Crimes Unit said it disrupted RaccoonO365, the fastest-growing tool used by cybercriminals to steal Microsoft 365 credentials, by seizing 338 websites associated with the popular service and cutting off criminals’ access to victims.
Microsoft posted a blog post on the seizure here: https://blogs.microsoft.com/on-the-issues/2025/09/16/microsoft-seizes-338-websites-to-disrupt-rapidly-growing-raccoono365-phishing-service/
Erich Kron, security awareness advocate at KnowBe4, commented:
“Clearly, email phishing continues to be a major threat that organizations face on a daily basis. Phishing services make it far easier for unskilled attackers to be able to play in the cybercrime game, while not necessarily being cyber savvy themselves.
“Credential theft through phishing can be especially dangerous because people tend to reuse passwords across different accounts and services, meaning, if a bad actor can trick someone out of their password, they may not only have access to that account, but others as well.
“The social engineering threats drive home the reason that organizations need to have a well-established human risk management (HRM) program in place that will educate users on ways to spot fake login pages and help them understand why credential reuse is so dangerous. In addition, MFA should be deployed wherever possible to make things even tougher for attackers in the event they do steal someone’s credentials.”
This blog post is very much worth your time to read as it shows how threat actors are evolving to be increasingly more effective and dangerous.
Related
This entry was posted on September 16, 2025 at 4:26 pm and is filed under Commentary with tags Microsoft. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Microsoft Seizes 338 Sites to Disrupt RaccoonO365’ Phishing Service
Today, Microsoft’s Digital Crimes Unit said it disrupted RaccoonO365, the fastest-growing tool used by cybercriminals to steal Microsoft 365 credentials, by seizing 338 websites associated with the popular service and cutting off criminals’ access to victims.
Microsoft posted a blog post on the seizure here: https://blogs.microsoft.com/on-the-issues/2025/09/16/microsoft-seizes-338-websites-to-disrupt-rapidly-growing-raccoono365-phishing-service/
Erich Kron, security awareness advocate at KnowBe4, commented:
“Clearly, email phishing continues to be a major threat that organizations face on a daily basis. Phishing services make it far easier for unskilled attackers to be able to play in the cybercrime game, while not necessarily being cyber savvy themselves.
“Credential theft through phishing can be especially dangerous because people tend to reuse passwords across different accounts and services, meaning, if a bad actor can trick someone out of their password, they may not only have access to that account, but others as well.
“The social engineering threats drive home the reason that organizations need to have a well-established human risk management (HRM) program in place that will educate users on ways to spot fake login pages and help them understand why credential reuse is so dangerous. In addition, MFA should be deployed wherever possible to make things even tougher for attackers in the event they do steal someone’s credentials.”
This blog post is very much worth your time to read as it shows how threat actors are evolving to be increasingly more effective and dangerous.
Share this:
Like this:
Related
This entry was posted on September 16, 2025 at 4:26 pm and is filed under Commentary with tags Microsoft. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.