Microsoft: Token-stealing phishing campaign hit 35,000 users across 26 countries

Colleagues, a note for infosec: Microsoft detailed a large phishing campaign affecting 35,000 users.
- Method: corporate HTML templates, PDF attachments and legitimate mail delivery services.
- Chain: CAPTCHA and intermediate pages, followed by adversary-in-the-middle (AiTM) phishing to steal credentials and session tokens, bypassing MFA.
- Targets: primarily the US; sectors include healthcare, finance, professional and IT services.
Why it matters: attackers enhance email plausibility and exploit trusted infrastructure to evade defenses.
What immediate measures would you recommend to protect staff?
#cybersecurity #phishing #MFA #infosec

