Identity theft is a leading cybercrime, according to the Microsoft Digital Defense Report

The report is based on analysis by Microsoft’s security and research teams of 24 trillion signals; It consists of observations on more than 40 state-linked cyber attackers and more than 140 attack groups.

The report notices that the issue of “identity” has become a major problem in cybersecurity over the past year. It is also underlined that in the last 2 years, when cyber threats have increased, not enough attention has been paid to identity protection and passwordless solutions. Research shows that only 22% of Microsoft customers benefit from Microsoft Azure Active Directory (Azure AD) service, Microsoft’s Cloud İdentity Solution, so that in can implement a powerful identity protection system by December 2021.

Microsoft said it prevented 25.6 billion attacks to break Azure AD during the period January-December 2021; it also says that 35.7 billion emails sent through Microsoft Defender for Office 365 as Phishing e-mail have been blocked.

Anonymous has published data belonging to the Russian Central Bank of the Threat Group, according to a cyber intelligence platform:

Anonymous, a hacktivist group, has recently launched a cyberattack against Russia called “OpRussia” because of the war between Ukraine and Russia.

As a result of the attack activity, the relevant threat actor group shared 28 GB of data obtained by the Russian central bank with the non-profit news site “DDoSecrets” (Distributed Denial of Secrets), which was established in 2018.

As a result of preliminary investigations by DDoSecrets, the relevant data leak included financial records dating back to 1999, internal memos, various bank statements, information of high-profile clients and similar data.

Tip of the Month
Presidency of The Republic of Türkiye Digital Transformation Office warns citizens about 8 different scams on social media.

Common scams on social media:

Credit Trap: It is a fraudulent method in which personal information and prepayment are requested, claiming that you can take out an instant loan.

Crypto Asset Fraud: A method of fraud that promises to make a profit by investing your money in crypto assets and is asked to pay.

Fake Corporate Accounts: A scam in which links and credit card information are stolen from take accounts opened using the names of public institutions or companies.

Fake Friend Scam: A scam in which scammers who gain trust through friendship obtain personal information and then demand money.

Lottery Fraud: A fraudulent method that says you’ve won a prize and is asked to pay to win the prize.

Paid Membership Fraud: A fraudulent method in which you are asked to pay for allegedly giving an affordable membership of a movie or music platform.

Fake Social Media Emails: A fraudulent method in which usernames and passwords are obtained through emails prepared using the name and interface of social media platforms.

Low Priced Sales Scam: It is a fraudulent method in which electronics are allegedly sold at prices well below the market price.