Unpacking the Latest Threats Targeting the Financial Services Industry
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Microsoft security researchers Megan Stalling and Anna Seitz to examine how financially motivated threat actors are using familiar, low-complexity techniques to drive real-world impact across the financial services sector.
They examine Storm-0727, a financially motivated threat actor targeting cryptocurrency, financial services, and government entities, highlighting how simple techniques like financial-themed lures, macro-enabled documents, and credential theft allow attackers to quietly establish and maintain access. The conversation then expands to broader financial-services threat trends, including business email compromise, ransomware with data extortion, phishing-as-a-service, and why social engineering and unpatched vulnerabilities continue to succeed even in mature security environments.
In this episode you’ll learn:
- How credential theft helps attackers maintain persistence
- Why social engineering works even in well-secured environments
- How Storm-0727 targets financial services and cryptocurrency organizations
Some questions we ask:
- What happens after a victim opens a macro-enabled document used by Storm-0727?
- How are phishing as a service platforms changing the threat landscape?
- What major threat trends are currently shaping the financial services sector?
Resources:
View Megan Stalling on LinkedIn
View Sherrod DeGrippo on LinkedIn
Related Microsoft Podcasts:
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
Microsoft Threat Intelligence 