Payroll Fraud - 1

2026 (1)

April (1)

security: Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees

Microsoft Security Blog

2026-04-09

Microsoft reports on Storm-2755, a financially motivated threat actor targeting Canadian employee accounts to access profile data and redirect salary payments to attacker-controlled accounts. The post is based on observations from Microsoft Incident Response – Detection and Response Team (DART).

2025 (1)

October (1)

security: Investigating targeted “payroll pirate” attacks affecting US universities

Microsoft Security Blog

2025-10-09

Microsoft Threat Intelligence reports a financially motivated actor tracked as Storm-2657 conducting "payroll pirate" attacks against US universities by compromising employee accounts, accessing employee profiles, and diverting salary payments to attacker-controlled accounts.