FBI warns Kali365 phishing scam bypasses Microsoft 365 multi-factor authentication
By
Chris Williams
Front-window bakery material. Catches the eye, delivers the goods.
Summary
The FBI has issued a warning about a new phishing scam called Kali365 that targets Microsoft 365 accounts. The scam allows hackers to bypass multi-factor authentication by stealing login tokens, giving them persistent access to victims' emails, files, and other services. The Kali365 platform makes it easier for less-skilled attackers to launch scams by providing AI-generated phishing emails and ready-made tools.
Key quotes
· 3 pulledThe FBI is warning the public about a new phishing scam called Kali365 that lets hackers break into Microsoft 365 accounts and bypass multi-factor authentication
By subscribing to the Kali365 platform, hackers can steal login tokens that give them ongoing access to a victim's Microsoft 365 account
The service makes it easier for even less-skilled attackers to launch scams by offering AI-generated phishing emails
You might also wanna read
Scammers exploit Microsoft account loophole to send spam from legitimate internal email address
Scammers have been exploiting a loophole in Microsoft's system to send spam emails from an internal Microsoft email address that is normally
techcrunch.com·8d ago
How a Fake Job Interview Nearly Installed Malware on My Computer
A developer shares a personal account of nearly falling victim to a sophisticated job interview scam where a fake blockchain company recruit
blog.daviddodda.com·7mo ago