Microsoft 365 executive logins were sold on the dark web!

Dec 10, 2020 2 min read
Microsoft 365 executive logins were sold on the dark web!

A forum for hackers has an offer to sell login details for Microsoft 365 / Office accounts which is high ranks executive accounts

Best Deal on Microsoft Office: https://amzn.to/3md2idr

ZDnet has reported a claim that a forum for hackers has an offer to sell login details for Microsoft 365 / Office accounts for what they commonly call C-level staff which is high ranks executive accounts. Here is the list of those ranks:

  • CEO – chief executive officer
  • COO – chief operating officer
  • CFO – chief financial officer or chief financial controller
  • CMO – chief marketing officer
  • CTOs – chief technology officer
  • President
  • Vice president
  • Executive Assistant
  • Finance Manager
  • Accountant
  • Director
  • Finance Director
  • Financial Controller
  • Accounts Payables

The prices go as high as $1500 and as low as $100, it just depends on how spicy you want the rank of the senior executive to be.

All the login information has been corroborated and they look very real, as of right now there is no eveidence of being fake logins.

The seller’s ad on Exploit.in Source: via KELA

The victimis of the logins and password leaks have companies in many places and they own firms such as retailers, business management and software firms.

Next Step

If you are one of the affected ones we'll cover below how to secure your account, please do so in order to protect it.

How to secure Microsoft 365 account from hackers

Not a single day passes that we hear news about hackers invading our privacy, but fortunatly, the steps below can stop them or slow them down by aproximatly 99%

  1. Clean the cookies on your browser and make sure your computer isn't acting strange. This will check that the hacker is not in your actual computer.
  2. Change your passwords, if you can change them all. Use a different one from the rest of the ones that you have. To keep them all different I recommend using Bitwarden which is a free and most secure password manager.
  3. Use 2 Factor Authentication. Please don't use your phone number as it can be easily bypassed, actually if you can turn off the phone number option, use instead an app such as Authy to handle your codes.

Perhaphs you've heard of this already but Microsoft 365 admins can enforce Two Factor Authentication on their staff and management accounts and if this is the case, make sure you follow the list above to stay as secure as possible.

The key component in the security above is the 2 Factor Authentication, even if the hackers have your password, they won't be able to get into your account. The problem is if you have more than one account with that password, then they can easily search and find it. That's why I recommended Bitwarden.

Great! Next, complete checkout for full access to ArturoFM.
Welcome back! You've successfully signed in.
You've successfully subscribed to ArturoFM.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.