Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft

Summary

A new phishing-as-a-service (PhaaS) operation named Forg365 is targeting Microsoft 365 accounts using device code phishing and adversary-in-the-middle (AitM) techniques. The service, available for a monthly fee, also employs AI for lure creation and advanced antibot evasion strategies.

IFF Assessment

FOE

This article details a sophisticated phishing operation that leverages advanced techniques, posing a significant threat to Microsoft 365 users.

Defender Context

Defenders should be aware of the increasing sophistication of phishing campaigns like Forg365, which combine multiple advanced techniques including AI. Organizations need to implement robust multi-factor authentication (MFA) and train users to recognize advanced social engineering tactics, particularly those that bypass traditional security measures.

Read Full Story →