New York (Web Desk) The U.S. Federal Bureau of Investigation (FBI) has issued a warning to users of Microsoft 365 services about an increasing cyber threat affecting platforms such as Outlook, Teams, and OneDrive.
According to the FBI, a new phishing campaign is being used by hackers that is capable of bypassing multi-factor authentication systems, making user accounts more vulnerable.
Reports suggest that cybercriminals are using a hacking platform called “Kali 365,” which has the ability to steal OAuth tokens. Through these tokens, attackers can gain access to user accounts without needing passwords.
These phishing attacks are typically carried out through fake emails that appear to be official Microsoft communications. Users are asked to enter a device verification code, and during this process attackers obtain access tokens.
The FBI stated that this new platform also provides advanced tools for less-skilled hackers, including AI-based phishing templates, automated attack systems, and dashboards for tracking victims.
Cybersecurity experts say the service is being promoted through various online channels and is reportedly offered on a subscription-based monthly fee.
The FBI has advised users to avoid clicking on unknown links and not to respond to unexpected verification codes or login requests, while urging affected individuals to immediately report incidents to relevant cybercrime authorities.