FBI warns of Kali365 phishing scam targeting Microsoft 365 users

June 15 (UPI) -- The Federal Bureau of Investigations issued a public service announcement Monday to warn of a phishing scam that targets Microsoft 365 users.

The cybersecurity threat stems from the platform Kali365 which the FBI describes as a Phishing-as-a-Service platform. Kali365 has been mainly distributed on Telegram and enables hackers to bypass multi-factor authentication without the need for a user's log-in credentials.

Cyberattackers send phishing emails purporting to be a reputable cloud or document-sharing service. The emails contain codes and instructions for visiting a real Microsoft verification page where the code is then entered. When the victim inputs the device code, they are unwittingly authorizing the cyberattacker's device to access their account.

Once a cyberattacker has successfully pulled off the phishing scam, they have access to the victim's Microsoft services including Outlook email, Teams and OneDrive cloud service.

"Kali365 lowers the barrier of entry, providing less-technical attackers access to AI-generated phishing lure, automated campaign templates, real-time targeted individual/entity tracking dashboards, and OAuth token capture capabilities," the FBI said in the public service announcement.

The FBI first detected the Kali365 phishing scam in April. It has offered tips for protecting against the scam and urges anyone who receives a suspicious email or notices suspicious logins from unauthorized devices to report them to the Internet Crime Complaint Center. It also warns against opening links with access codes that have not been requested.

Read More

• Anthropic employees in D.C. to meet with White House officials
• Two convicted of arson linked to British PM Starmer's property
• Supreme Court will not take Carter Page's lawsuit against James Comey