TECH TIP ALERT: FBI Warns of Sneaky New Phishing Attack Hitting Microsoft Users – No Password Needed!
Hey solopreneurs and small biz owners – if you rely on Outlook, Teams, or OneDrive, stop and read this right now.
The FBI just dropped an urgent alert on Kali365, a cheap Phishing-as-a-Service kit ($250/month) that lets even low-skill scammers hijack your Microsoft 365 account.
How it works: You get a phishing email pretending to be from a trusted service. It gives you a “device code” and tells you to paste it into a real Microsoft login page. Boom – attackers grab an authentication token and bypass MFA without ever stealing your password. Full access to your emails, files, chats, and more.
Quick Action Steps to Protect Yourself:
- Never enter a device code from an unsolicited email – even if the page looks legit.
- Enable and review Microsoft security alerts for suspicious sign-ins or new devices.
- For business accounts: Set up Conditional Access policies to block or restrict device code flows (audit first to avoid breaking legit tools).
- Report suspicious emails immediately and monitor active sessions in your Microsoft account.
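
For the Conditional Access step, "audit first" means finding out who already signs in with device codes before you block the flow. This added example (not from the FBI alert or the original post) summarizes those sign-ins from a sign-in log exported as JSON. The field names are assumed to follow the Microsoft Graph signIn resource, and the sample records, function names and approved-app list are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample export (not real data). Field names are assumed to follow
# the Microsoft Graph signIn resource; the non-zero errorCode is a placeholder.
SAMPLE_EXPORT = json.dumps([
    {"createdDateTime": "2025-01-10T09:12:00Z", "userPrincipalName": "alex@example.com",
     "appDisplayName": "Microsoft Azure CLI", "authenticationProtocol": "deviceCode",
     "ipAddress": "198.51.100.7", "status": {"errorCode": 0}},
    {"createdDateTime": "2025-01-12T14:30:00Z", "userPrincipalName": "alex@example.com",
     "appDisplayName": "Microsoft Azure CLI", "authenticationProtocol": "deviceCode",
     "ipAddress": "198.51.100.7", "status": {"errorCode": 0}},
    {"createdDateTime": "2025-01-13T03:02:00Z", "userPrincipalName": "sam@example.com",
     "appDisplayName": "Microsoft Office", "authenticationProtocol": "deviceCode",
     "ipAddress": "203.0.113.50", "status": {"errorCode": 0}},
    {"createdDateTime": "2025-01-13T08:00:00Z", "userPrincipalName": "sam@example.com",
     "appDisplayName": "Microsoft Office", "authenticationProtocol": "oAuth2",
     "ipAddress": "198.51.100.9", "status": {"errorCode": 0}},
    {"createdDateTime": "2025-01-14T10:00:00Z", "userPrincipalName": "alex@example.com",
     "appDisplayName": "Microsoft Azure CLI", "authenticationProtocol": "deviceCode",
     "ipAddress": "198.51.100.7", "status": {"errorCode": 1}},
])

def audit_device_code(export_text):
    """Group successful device code sign-ins by (user, app)."""
    usage = defaultdict(lambda: {"count": 0, "ips": set(), "last_seen": ""})
    for rec in json.loads(export_text):
        if (rec.get("authenticationProtocol") or "").lower() != "devicecode":
            continue  # other sign-in protocols are out of scope for this audit
        if (rec.get("status") or {}).get("errorCode", 0) != 0:
            continue  # failed attempts did not complete a sign-in
        key = (rec.get("userPrincipalName", "unknown"), rec.get("appDisplayName", "unknown"))
        entry = usage[key]
        entry["count"] += 1
        entry["ips"].add(rec.get("ipAddress", ""))
        entry["last_seen"] = max(entry["last_seen"], rec.get("createdDateTime", ""))
    return dict(usage)

def unexpected(usage, approved_apps):
    """Return (user, app) pairs whose app is not on the approved list."""
    return sorted(pair for pair in usage if pair[1] not in approved_apps)

if __name__ == "__main__":
    usage = audit_device_code(SAMPLE_EXPORT)
    for (user, app), info in sorted(usage.items()):
        print(f"{user:20} {app:22} n={info['count']} ips={sorted(info['ips'])} last={info['last_seen']}")
    print("Review before blocking:", unexpected(usage, {"Microsoft Azure CLI"}))
```

Pairs on the approved list are the tools a block would break; anything else is a sign-in to ask the user about.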
Stay vigilant – these attacks are already happening in the hundreds. One wrong paste could hand over your entire digital workspace.
Share this with your team or network! What’s your go-to cyber hygiene habit? Drop it below.
(Source: FBI PSA + Fast Company)