Between July 2021 and June 2022, the tech giant removed over 5,31,000 unique phishing URLs and 5,400 phish kits, leading to the closure of over 1,400 malicious email accounts that collected stolen customer credentials, the report said.
Microsoft estimates 80% of ransomware attacks can be traced to common configuration errors in software and devices.
The report has highlighted how specialisation and consolidation of the cybercrime economy have fueled ransomware-as-a-service (RaaS), becoming a dominant business model, enabling a wider range of criminals to deploy ransomware, regardless of their technical expertise.
The RaaS economy allows cybercriminals to purchase access to ransomware payloads and data leakage as well as payment infrastructure. Industrialisation of cybercrime has created specialised roles, like access brokers who sell access to networks, the company said.