A massive phishing campaign has been targeting Office 365 (i.e., Microsoft 365) users in over 10,000 organizations since September 2021 and successfully bypassing multi-factor authentication (MFA) set up to protect the accounts. The attackers use proxy servers and phishing websites to steal users’ passwords and session cookies. Their ultimate goal is to access finance-related emails and to hijack ongoing email threads to commit payment fraud and mount business email compromise (BEC) campaigns against other targets, …
The post Phishers steal Office 365 users’ session cookies to bypass MFA, commit payment fraud appeared first on Help Net Security.