A massive phishing campaign has been targeting Office 365 (i.e., Microsoft 365) users in over 10,000 organizations since September 2021 and successfully bypassing multi-factor authentication (MFA) set up to protect the accounts.
The attackers use proxy servers and phishing websites to steal users’ password and session cookie. Their ultimate goal is to access finance-related emails and to hijack ongoing email threads to commit payment fraud and mount business email compromise (BEC) campaigns against other targets, Microsoft researchers explained.
