Attackers exploit misconfigured email routing and weak spoof protections to send internal-looking phishing emails for ...

“Successful credential compromise through phishing attacks may lead to data theft or business email compromise (BEC) attacks ...

Threat actors are abusing misconfigured MX records and weak DMARC/SPF policies to make phishing emails look internal, ...

A SINISTER hacking “campaign” that used extremely convincing “emails from Google” has been exposed. Cyber-crooks were able to ...

Microsoft said that Office 365 tenants with weak configurations and who don't have strict anti-spoofing protection enabled ...

Researchers from Check Point have discovered a new phishing campaign, abusing a legitimate Microsoft product in an attempt to steal people’s login credentials. In a new blog post, published earlier ...

Microsoft 365 administrators can use built-in Defender for Office 365 tools to enable impersonation and domain protection, reducing phishing risks by identifying spoofed senders and untrusted domains.

A new phishing-as-a-service (PhaaS) platform called ONNX Store is targeting Microsoft 365 accounts for employees at financial firms using QR codes in PDF attachments. The platform can target both ...

Microsoft 365 includes built-in tools to defend against phishing attempts that use domain and user impersonation, but administrators need to understand how these protections work to avoid unintended ...

The Information Security Office would like to caution the Miami community about a new phishing attempt that was sent to many Miami users over the weekend. Some users have received an email stating ...

Recent research by cybersecurity experts has uncovered a vulnerability in Microsoft 365's anti-phishing mechanisms, which can be exploited using CSS. This flaw allows attackers to bypass safety alerts ...