Weekly Detection Enhancements - Week of March 6
Strengthened detection of vendor billing fraud through enhanced scoring of impersonation signals
Improved vendor fraud detection using reply-to domain mismatch analysis on billing change requests
Upgraded vendor fraud model with advanced lookalike scoring and sender behavior analysis to catch invoice impersonation
Added Microsoft Entra detection for suspicious credential additions enabling long-term account persistence
Launched Microsoft Entra detection correlating password or MFA changes with anomalous sign-ins to flag active takeovers
Introduced Microsoft Entra detection for high-risk authentication changes that allow persistence after credential resets