Microsoft has seized approximately 340 websites linked to a Nigeria-based phishing operation that has stolen at least 5,000 Microsoft user credentials. According to a statement from the company, the operation, known as Raccoon0365, sold access to large-scale phishing campaigns as a subscription service. The service, run through a private Telegram channel with over 850 subscribers, lets customers impersonate trusted brands and trick targets into entering their Microsoft login credentials on fake login pages.
The seizure of the websites was made possible by an order from the US District Court in Manhattan, obtained by Microsoft earlier this month. The company’s Digital Crimes Unit, led by Assistant General Counsel Steven Masada, has been investigating the operation and working to dismantle its infrastructure. Masada noted that the service has generated at least $100,000 in cryptocurrency payments for its operators since its launch in July 2024.
The phishing campaigns carried out through Raccoon0365 have targeted a wide range of industries, with a significant portion of the activity focusing on organizations based in New York City. Microsoft has identified several instances of Raccoon0365-related phishing efforts, including a tax-themed campaign that targeted over 2,300 organizations in the US between February 12 and 28 this year. The company has also collaborated with security partners, such as Cloudflare, to seize and take down malicious infrastructure linked to the operation.
The impact of Raccoon0365 extends to the healthcare sector, with at least five unnamed healthcare organizations reportedly falling victim to successful credential harvesting through phishing campaigns. Errol Weiss, chief security officer of the Health Information Sharing & Analysis Center (Health-ISAC), noted that the operation has targeted a total of 25 health sector organizations.
Microsoft’s efforts to dismantle Raccoon0365’s infrastructure are ongoing, and the company says it will take additional legal steps to prevent the operation from rebuilding. The seizure of the websites is a significant blow to the phishing operation, but it also underlines that commodity phishing kits, not advanced tooling, account for much of the credential theft organizations face. As Masada noted, “cybercriminals don’t need to be sophisticated to cause widespread harm,” and simple tools like Raccoon0365 can put millions of users at risk.