Cyber attackers are hijacking Microsoft Outlook, Teams and 365 log-ins, FBI says
The FBI has issued a warning about a new phishing tool called Kali365 that allows cyber attackers to access Microsoft 365 users' accounts without needing their password. The tool bypasses multi-factor authentication and can capture authorization tokens to grant access to Microsoft software, including Outlook and Teams. To protect themselves, users are advised to create a conditional access policy and learn to spot phishing attempts.
- ▪The Kali365 phishing platform was first seen in April and is primarily distributed through the messaging app Telegram.
- ▪The scam starts with a phishing email that contains a device code with instructions to visit a legitimate Microsoft verification page.
- ▪The FBI recommends creating a conditional access policy and checking who currently has access to code flow usage to prevent Kali365 attacks.
Opening excerpt (first ~120 words) tap to expand
Technology Cyber attackers are hijacking Microsoft Outlook, Teams and 365 log-ins, FBI says Comments: by Alix Martichoux - 05/27/26 5:34 PM ET Comments: Link copied by Alix Martichoux - 05/27/26 5:34 PM ET Comments: Link copied NOW PLAYING (NEXSTAR) – A new phishing tool is allowing cyber attackers to get access to Microsoft 365 users’ accounts without even needing to know your password, the FBI said in a warning issued to the public on Thursday. The phishing platform, called Kali365, was first seen in April, according to the FBI. It’s primarily distributed through the messaging app Telegram and allows cyber attackers to bypass multi-factor authentication. The scam starts with a lure, typically a phishing email impersonating a trusted source like a document sharing service.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at The Hill.