In today’s interconnected world, cybercrime poses a significant threat to individuals, businesses, and even national security. The financial losses caused by cybercrime run into the trillions, undermining trust in the digital economy. Microsoft’s Digital Crimes Unit (DCU) has been at the forefront of combating cybercrime since 2008. With a team of technical, legal, and business experts, the DCU leverages its expertise, partnerships, and innovative approaches to tackle a range of security issues. In this blog post, we will explore some of the current security challenges in the tech industry that the DCU is addressing.

Business Email Compromise

Business Email Compromise (BEC) is a prevalent and costly form of cybercrime, where attackers unlawfully access business email accounts to facilitate fraud. The DCU employs cutting-edge legal and technical strategies to combat BEC crimes. By identifying, mapping, and disrupting the complex infrastructure used for BEC attacks, the DCU safeguards organisations and individuals. Its actions include securing court orders to block malicious domains, removing phishing URLs, and closing malicious email accounts.


Malware

Malware remains a significant tool for cybercriminals and state-sponsored actors. Botnets, networks of malware-infected computers, enable them to scale their activities anonymously. The DCU has been dedicated to identifying, investigating, and disrupting these botnets and state-sponsored actors for over a decade. By targeting their distribution and communication infrastructure, the DCU has prevented the further spread of malware, protected victims, and shared intelligence to enhance Microsoft’s product security.


Ransomware

Ransomware attacks have seen a sharp increase in recent years, with cybercriminals targeting critical assets for higher ransoms. Microsoft, through the DCU, aims to reduce the profitability and deployment of ransomware. By disrupting infrastructure and payment systems used in ransomware attacks, as well as preventing the misuse of Microsoft products and services, the DCU helps make ransomware attacks less lucrative and more challenging for cybercriminals.

Tech Support Fraud

Tech support fraud is a widespread issue, with scammers impersonating reputable technology companies to deceive victims. The DCU employs data analytics and investigates criminal networks engaged in tech support fraud. By collaborating with law enforcement, providing information to financial institutions and payment processors, and educating the public, the DCU works to disrupt these scams and protect individuals from falling victim.

Malicious Use of Azure

Cybercriminals sometimes exploit Microsoft’s Azure Cloud Services to launch attacks. The DCU is committed to identifying and investigating these criminals, preventing them from utilising Azure for malicious purposes. By disrupting cybercriminal networks and gaining insights into their tactics, the DCU strengthens Azure’s security, protects customer data, and enhances the overall customer experience.

Technological Advances

Machine Learning: With the ever-increasing volume of data, the DCU harnesses machine learning clustering techniques to analyse and understand criminal activities. These techniques help identify patterns, detect criminal networks, and improve the efficiency of investigations. By partnering with engineering teams, the DCU enhances the security of Microsoft’s products and services, ensuring a safer digital environment for users.

Payment Disruption

As cybercrime continues to grow, the DCU recognises the need to disrupt the financial flow from victims to cybercriminals. They collaborate with public and private sector stakeholders, including banks, payment processors, crypto exchanges, and law enforcement, to build a comprehensive payment disruption strategy. By preventing cybercriminals from enjoying the proceeds of their crimes, the DCU aims to mitigate the global cost of cybercrime.
