{"id":194070,"date":"2025-12-27T17:25:42","date_gmt":"2025-12-27T17:25:42","guid":{"rendered":"https:\/\/teknomers.com\/en\/alert-for-new-phishing-scam-this-is-how-microsoft-365-accounts-are-stolen-without-user-awareness\/"},"modified":"2025-12-27T17:25:44","modified_gmt":"2025-12-27T17:25:44","slug":"alert-for-new-phishing-scam-this-is-how-microsoft-365-accounts-are-stolen-without-user-awareness","status":"publish","type":"post","link":"https:\/\/teknomers.com\/en\/alert-for-new-phishing-scam-this-is-how-microsoft-365-accounts-are-stolen-without-user-awareness\/","title":{"rendered":"Alert for New Phishing Scam: This Is How Microsoft 365 Accounts Are Stolen Without User Awareness"},"content":{"rendered":"\n
\n
<\/picture>
They discover a new phishing method that attacks Microsoft 365 accounts. REUTERS\/Albert Gea<\/figcaption><\/div>\n

The Rising Threat to Microsoft 365 Accounts<\/h2>\n

Microsoft 365 accounts have increasingly become prime targets for cybercriminals, drawing attention due to the significant amount of sensitive data they possess. A considerable number of vulnerabilities contribute to this, including weak passwords and inadequate multi-factor authentication practices.<\/p>\n

How Cybercriminals Operate<\/h3>\n

Proofpoint, a leading cybersecurity firm, has reported an alarming rise in sophisticated phishing attacks that allow hackers to seize control of Microsoft 365 accounts without users suspecting a breach. This is primarily achieved through the manipulation of a legitimate Microsoft authentication method known as OAuth<\/b>.<\/p>\n

Rather than relying solely on traditional password theft, attackers are now exploiting trusted authentication flows, enabling them to access both corporate and individual accounts seamlessly.<\/p>\n

\"Microsoft<\/picture>
Microsoft accounts in danger due to new phishing method. REUTERS\/Fabian Bimmer\/File Photo<\/figcaption><\/div>\n

Execution of the Phishing Attack<\/h2>\n

The attack typically commences with a seemingly legitimate phishing message delivered via email. It may contain a button, a hyperlinked text, or even a QR code directed towards a domain controlled by the attackers.<\/p>\n

Upon accessing this page, users are prompted to enter a device code, either obtained from the webpage or sent through email. This code masquerades as part of a security or verification process, ultimately functioning as a one-time password. Users, believing they are protecting their accounts, unwittingly enter the code into a legitimate Microsoft URL.<\/p>\n

Consequences of the Breach<\/h3>\n

By doing so, users inadvertently grant access permissions to their Microsoft 365 accounts. Attackers can then read emails, access sensitive documents, steal confidential information, and infiltrate an organization\u2019s network without needing original login credentials.<\/p>\n

\"The<\/picture>
The scam can arrive via email or QR codes. (Illustrative Image Infobae)<\/figcaption><\/div>\n

Evolution of Phishing Techniques<\/h2>\n

Researchers at Proofpoint note that this method represents a significant shift in modern phishing techniques. The transition from direct password theft to the abuse of trusted authentication flows has made users increasingly vulnerable as they unwittingly engage with genuine Microsoft domains.<\/p>\n

The surge in these attacks is attributable to automated tools, including phishing kits like SquarePhish2 and Graphish, which facilitate ease of use for even less experienced attackers.<\/p>\n

The Impact of Compromised Accounts<\/h3>\n

Once a cybercriminal gains access to a Microsoft 365 account, severe ramifications follow. In addition to the risk of stealing confidential information, they can send phishing emails to contacts, access related services, and commit financial fraud. Such breaches allow attackers to navigate through networks, leading to larger security crises and damage to organizational reputation.<\/p>\n

\"Cybersecurity<\/picture>
Cybersecurity company warned about new phishing method in Microsoft account. (Reuters)<\/figcaption><\/div>\n

Preventive Measures<\/h2>\n

In light of this evolving threat, Proofpoint recommends several strategies to mitigate risks:<\/p>\n