FBI Issues Urgent Security Warning for Microsoft 365 Users Against Kali365 Phishing Scam

The Federal Bureau of Investigation (FBI) has issued an urgent security warning to the public concerning a rapid phishing scam leveraging a platform known as Kali365. This threat specifically targets Microsoft 365 users across services such as Teams, Outlook, and OneDrive.

According to the FBI, Kali365 operates by seeking out OAuth device codes. This method allows attackers to bypass multi-factor authentication (MFA) and gain access to Microsoft accounts without the need for a user's password.

The attack typically initiates with a phishing email sent by scammers. These emails impersonate legitimate document-sharing services and include a device code along with instructions for the user to verify it.

Kali365 is described by the FBI as a platform that "lowers the barrier of entry." It provides less-technical attackers with access to advanced tools, including AI-generated phishing lures, automated campaign templates, real-time targeted individual/entity tracking dashboards, and OAuth token capture capabilities.

This hacking platform is reportedly sold to scammers through a subscription model, costing $250 per month. The FBI first detected Kali365 in April and has characterized it as an "emerging Phishing-as-a-Service platform." NordPass further noted that Kali365 enables hackers with limited technical skills to access sophisticated phishing tools.

(Source: Slashdot, citing The Hill and the FBI)