Cybercriminals send phishing emails disguised as Microsoft to gain access to victims’ login credentials. Once they have access, the attackers can carry out further attacks or steal sensitive information.
Users should be cautious of unsolicited emails, verify the sender’s identity before entering login credentials, and enable two-factor authentication for added security.
Through the phishing kit, the PaaS affiliates can configure service API keys and Telegram bots and track the stolen information.
Read more: New ‘Greatness’ Phishing-as-a-Service Targets Microsoft 365 Accounts
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.