Scammers Bypass Microsoft Office 365 MFA In BEC Attacks

Scammers recently conducted a large-scale business email compromise (BEC) bypassing Microsoft Office 365 MFA.

While Microsoft 365 Defender researchers intercepted the cloud-based infrastructure used by scammers, the researchers explained that the attack occurred behind a recent BEC incident involving stolen login information through phishing messages that redirected targets to landing pages that mimicked Microsoft login pages.

It then asks them to enter their passwords under a prefilled username field.

Although multi-factor authentication already blocks stolen inbox credentials, attackers use older protocols to infect emails and bypass MFA.

For more information, read the original story in Bleeping Computer.

Scammers Bypass Microsoft Office 365 MFA In BEC Attacks

Top Stories

Nvidia preparing open-source platform for enterprise AI agents, report says

UK surgeon performs remote robotic surgery on patient 1,500 miles away

Kalshi declines payouts on Iran leadership prediction market after Khamenei’s death

CIOCAN launches memorial award honouring Canadian IT leader Fawn Annan

Check Point launches Canada-only security region to meet rising data residency demands

OpenAI amends Pentagon deal after backlash over surveillance concerns

Related Articles

Microsoft launches $99 Microsoft 365 E7 tier bundling Copilot AI tools

Dutch intelligence warns of Russian campaign targeting Signal and WhatsApp accounts

Check Point launches Canada-only security region to meet rising data residency demands

API key breach triggers $82K Gemini bill for developer team

TND News Desk

TND News Desk

Jim Love

Follow Us

Popular categories

Tech News Delivered