Team siliconindia

• Microsoft seizes 340 websites tied to phishing service Raccoon0365.
• The service helped cybercriminals steal over 5,000 Microsoft login credentials.
• Raccoon0365 targeted healthcare, finance, and organizations in New York.

Microsoft has taken a major step in the fight against cybercrime by shutting down 340 phishing websites linked to a growing cybercrime service called Raccoon0365. This service operated like a subscription model, giving users easy to use tools to launch massive phishing attacks.

With a legal order from the U.S. District Court in Manhattan, Microsoft successfully seized the domains earlier this month. These websites were being used to impersonate trusted brands especially Microsoft itself and trick people into entering their login details on fake Microsoft sign in pages.

According to Steven Masada, Assistant General Counsel at Microsoft’s Digital Crimes Unit, Raccoon0365 enabled its users to send thousands of phishing emails at once. The platform operated through a private Telegram channel with over 850 subscribers. Since its launch in July 2024, the service has earned its operators more than $100,000 in cryptocurrency payments.

Microsoft identified the main operator as Joshua Ogundipe, based in Nigeria. While the court documents listed his email address, Ogundipe has not responded to any comment requests.

Raccoon0365 was not just a nuisance, it posed a serious threat. Between February 12 and 28, 2025, Microsoft detected tax themed phishing campaigns linked to Raccoon0365 targeting over 2,300 organizations, mainly in the U.S. These included attacks on sectors like finance, business, and healthcare.

Also Read: Microsoft Brings Free AI Copilot to Office Apps

One alarming detail, the phishing platform was involved in credential theft from at least five healthcare providers. Microsoft partnered with Health-ISAC, a cybersecurity group for healthcare organizations, to investigate and take legal action.