Who needs MFA when you’ve got EvilTokens? Hundreds of organizations have been compromised daily by a Microsoft device-code phishing campaign that uses AI and automation at nearly every stage of the attack chain to ultimately snoop through corporate email inboxes and steal financial data.…
You must log in or register to comment.
A few times a year I get a wave of false 2 factor requests for Microsoft accounts. It’ll be persistent for a few days or a week, and then stop.
I always get the impression they are hoping the user will just click accept on one of the notifications to make them stop.
