A sophisticated new phishing campaign has been discovered that exploits Microsoft 365’s legitimate infrastructure to conduct highly convincing credential harvesting and account takeover attempts. Unlike traditional phishing attempts that rely on lookalike domains or email spoofing, this attack leverages Microsoft’s own trusted systems to bypass security controls and deceive users.

Guardz Security researchers identified that adversaries establish control over multiple Microsoft 365 organization tenants, either by registering new ones or compromising existing ones. By manipulating tenant properties and organization display names within Microsoft 365, attackers can embed phishing content directly within trusted Microsoft communications.

The attack utilizes Microsoft’s legitimate service-generated emails with valid authentication markers (SPF, DKIM, DMARC), making it significantly more difficult for both technical controls and human recipients to detect. What makes this attack particularly dangerous is that traditional email authentication mechanisms cannot detect it, since emails originate from legitimate Microsoft domains and pass all standard email security checks, directing victims to voice-based scams where fewer security controls exist.
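Because SPF, DKIM and DMARC all pass for these messages, a defender has to inspect the content of authenticated Microsoft mail instead. The following is an added detection sketch, not code from the article or from Guardz; the sender domain list, the header layout, the sample messages and the "phone number means voice hand-off" heuristic are all assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: domains your gateway treats as genuine Microsoft service senders.
MICROSOFT_DOMAINS = {"microsoft.com"}
# Heuristic (assumption): a phone number in the text is the hand-off to a voice call.
PHONE_RE = re.compile(r"(?<!\w)\+?\d[\d ().-]{8,}\d(?!\w)")

def auth_passes(msg):
    """True when Authentication-Results reports pass for SPF, DKIM and DMARC."""
    results = " ".join(msg.get_all("Authentication-Results", [])).lower()
    return all(f"{mech}=pass" in results for mech in ("spf", "dkim", "dmarc"))

def from_microsoft(msg):
    """True when the From address belongs to a listed domain or a subdomain of it."""
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    return any(domain == d or domain.endswith("." + d) for d in MICROSOFT_DOMAINS)

def callback_numbers(raw):
    """Phone numbers found in fully authenticated Microsoft mail, else []."""
    msg = message_from_string(raw)
    if not (from_microsoft(msg) and auth_passes(msg)):
        return []  # left to the usual SPF/DKIM/DMARC-based controls
    text = "\n".join(
        part.get_payload(decode=True).decode(errors="replace")
        for part in msg.walk() if part.get_content_type() == "text/plain")
    return PHONE_RE.findall(text)

# Constructed sample messages (not taken from the campaign).
AUTH = ("Authentication-Results: mx.example.net; spf=pass; dkim=pass; dmarc=pass\n"
        "From: Microsoft <noreply@microsoft.com>\nSubject: Subscription notice\n\n")
LURE = AUTH + "Organization: Payment failed, call +1 (555) 010-0199 to cancel\n"
BENIGN = AUTH + "Organization: Contoso Ltd\nYour invoice is available.\n"

if __name__ == "__main__":
    for name, raw in (("lure", LURE), ("benign", BENIGN)):
        print(name, callback_numbers(raw))
```

A hit is a reason to quarantine or banner the message for review, not proof of abuse, since legitimate notifications can also contain phone numbers.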
This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 18 Mar 2025 13:35:13 +0000