The FBI has warned of the danger from a new wave of phishing attacks generated by a tool called Kali365.
It enables cyber criminals to obtain Microsoft 365 access tokens and bypass multi-factor authentication (MFA) protocols without intercepting the user’s credentials by capturing Oauth tokens linked to the victim’s Microsoft 365 account.
The scam works in a similar way to most phishing attacks. An attacker sends an email purporting to be from a trusted cloud document sharing service, including instructions to enter a particular code on a legitimate Microsoft site.
The code, however, authorizes the attacker’s device to access the victim’s Microsoft account.
The FBI has issued a set of instru...