Security experts caution MFA alone can no longer stop threat actors
Summary
Security experts are warning about an increase in phishing campaigns targeting Microsoft 365 access tokens to bypass multi-factor authentication. New phishing-as-a-service platforms like EvilTokens and Kali365 are making these attacks more accessible to less technical actors, leveraging AI-generated lures and OAuth token capture.
IFF Assessment
The article highlights advancements in phishing techniques that successfully circumvent multi-factor authentication, posing a direct threat to user accounts and organizational security.
Defender Context
Defenders need to be aware that traditional MFA is becoming less effective against sophisticated token-stealing phishing attacks. Organizations should implement additional security layers beyond standard MFA, such as monitoring for anomalous login behavior, enforcing conditional access policies, and educating users about advanced phishing tactics.
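One way to act on the "anomalous login behavior" recommendation above, as an added example that is not code from the article or any vendor: a small detector over constructed sign-in records (field names are assumptions loosely modelled on Microsoft 365 sign-in logs) that flags a session token reused from a new IP or country without a fresh MFA prompt, which is the trace left when a phished token is replayed.

```python
from datetime import datetime

# Constructed sample sign-in events (field names are an assumption, not the
# page's data). A replayed token shows up as the same session id used from a
# different network while no MFA prompt was issued, because the stolen token
# already carries the satisfied-MFA claim.
SIGN_INS = [
    {"ts": "2024-05-01T08:00:00", "user": "alice", "session": "s-1",
     "ip": "203.0.113.10", "country": "US", "mfa_prompted": True},
    {"ts": "2024-05-01T08:05:00", "user": "alice", "session": "s-1",
     "ip": "203.0.113.10", "country": "US", "mfa_prompted": False},
    # same session, minutes later, from a different network and country
    {"ts": "2024-05-01T08:20:00", "user": "alice", "session": "s-1",
     "ip": "198.51.100.7", "country": "NL", "mfa_prompted": False},
    {"ts": "2024-05-01T09:00:00", "user": "bob", "session": "s-2",
     "ip": "192.0.2.5", "country": "US", "mfa_prompted": True},
    {"ts": "2024-05-01T09:30:00", "user": "bob", "session": "s-2",
     "ip": "192.0.2.5", "country": "US", "mfa_prompted": False},
]


def find_token_replay(events):
    """Return one alert per sign-in that reuses a session from a new IP or
    country without a fresh MFA prompt, measured against the first sign-in
    seen for that (user, session) pair."""
    origin = {}   # (user, session) -> first event observed for that session
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        key = (ev["user"], ev["session"])
        first = origin.setdefault(key, ev)
        if first is ev:
            continue  # this event established the session; nothing to compare
        moved = ev["ip"] != first["ip"] or ev["country"] != first["country"]
        if moved and not ev["mfa_prompted"]:
            minutes = (datetime.fromisoformat(ev["ts"])
                       - datetime.fromisoformat(first["ts"])).total_seconds() / 60
            alerts.append({
                "user": ev["user"], "session": ev["session"],
                "from": f'{first["ip"]} ({first["country"]})',
                "to": f'{ev["ip"]} ({ev["country"]})',
                "minutes_after_mfa": minutes,
            })
    return alerts


if __name__ == "__main__":
    for alert in find_token_replay(SIGN_INS):
        print(alert)
```

In production the same comparison would run over exported sign-in logs and feed a conditional access or revocation workflow rather than a print statement.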