Microsoft 365 executive logins sold on the dark web

Office for Mere Mortals
Your beginners guide to the secrets of Microsoft Office
Invalid email address
Tips and help for Word, Excel, PowerPoint and Outlook from Microsoft Office experts.  Give it a try. You can unsubscribe at any time.  Office for Mere Mortals has been running for over 20 years, we've never, ever revealed or sold subscriber details.  Privacy policy

The Microsoft 365 logins on top executives are being sold on the dark web, allowing hackers direct access to the emails and files of chief executives, directors and managers.

ZDnet is reporting that a forum for hackers has an offer to sell login details for Microsoft 365 / Office accounts for, so-called, C-level staff like:

  • CEO – chief executive officer
  • COO – chief operating officer
  • CFO – chief financial officer or chief financial controller
  • CMO – chief marketing officer
  • CTOs – chief technology officer
  • President
  • Vice president
  • Executive Assistant
  • Finance Manager
  • Accountant
  • Director
  • Finance Director
  • Financial Controller
  • Accounts Payables

Prices range from US$100 to $1,500 for the more senior and juicy pickings.

The logins have been verified as real so this doesn’t seem like a scam selling fake logins.

image 4 473x198 - Microsoft 365 executive logins sold on the dark web
The seller’s ad on Exploit.in Source: via KELA

The victims include companies on both sides of the Atlantic, retailers, business management and software firms.  The latter should know better than to have such lax security.

We’re begging you … please secure your Microsoft 365 account

Not a week goes by where we hear from someone who has been hacked, thinks they’ve been hacked or worried their accounts might be hacked in the future.

The solution is (fairly) simple – Two Factor Authentication

Setup ‘2Fac’ for all your major accounts:

  • Microsoft 365
  • Email
  • Social Media (Facebook, Twitter etc).

Microsoft 365 admins can enforce Two Factor Authentication on their staff and management accounts. 

With Two Factor Authentication setup, it doesn’t matter as much if a hacker gets your login and password details. Without the vital time-limited extra code, they can’t get into your account.

The Myth about Two-Factor Authentication
Microsoft leads again! The most impersonated brand on the Internet
Longer passwords yes, but more complex password are better

Latest news & secrets of Microsoft Office

Microsoft Office experts give you tips and help for Word, Excel, PowerPoint and Outlook.

Give it a try. You can unsubscribe at any time.  Office Watch has been running for over 20 years, we've never, ever revealed or sold subscriber details.  Privacy policy
Invalid email address