
Unpacking the Latest Threats Targeting the Financial Services Industry
From Microsoft Threat Intelligence Podcast by Microsoft
February 11, 2026 · 30 min · Season 3 · Episode 62
About this episode
The episode discusses the tactics used by financially motivated threat actors in the financial services sector, focusing on Storm-0727 and broader threat trends.
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Microsoft security researchers Megan Stalling and Anna Seitz to examine how financially motivated threat actors are using familiar, low-complexity techniques to drive real-world impact across the financial services sector. They examine Storm-0727, a financially motivated threat actor targeting cryptocurrency, financial services, and government entities, highlighting how simple techniques like financial-themed lures, macro-enabled documents, and credential theft allow attackers to quietly establish and maintain access. The conversation then expands to broader financial-services threat trends, including business email compromise, ransomware with data extortion, phishing-as-a-service, and why social engineering and unpatched vulnerabilities continue to succeed even in mature security environments. In this episode you’ll learn: How credential theft helps attackers maintain persistence Why social engineering works even in well-secured environments How Storm-0727 targets financial services and cryptocurrency organizations Some questions we ask: What happens after a victim opens a…
People in this episode
Host: Sherrod DeGrippo
Guests: Megan Stalling, Anna Seitz
Topics covered
- financial services threats
- credential theft
- social engineering
- ransomware
- phishing
- Storm-0727
Keywords
- financial services
- threat actors
- credential theft
- social engineering
- ransomware
- phishing
- Storm-0727
Mentioned in this episode
Organizations: Microsoft, Storm-0727, cryptocurrency, financial services, government, business email compromise, ransomware, phishing-as-a-service
More episodes of Microsoft Threat Intelligence Podcast
- Supply Chain Attacks: Open Source or Open Door? · June 3, 2026 · 39 min
- Eviltokens: A Conversation with Huntress on an AI‑Enabled Device Code Phishing Campaign · May 20, 2026 · 42 min
- Russia’s Forest Blizzard Is Abusing Home + Small Office Routers for Cred Theft · May 6, 2026 · 52 min
- The Cybercrime Shift: From Opportunistic Attacks to Marketplace-Driven Ecosystem · April 22, 2026 · 40 min
- Ransomware: From Isolated Attacks to Global Criminal Ecosystem · April 8, 2026 · 48 min
- Winter SHIELD: Closing the Security Control Gap · March 25, 2026 · 37 min
Explore listener stats, chart rankings, contacts and more on the Microsoft Threat Intelligence Podcast podcast page.