Cyber attackers are hijacking Microsoft Outlook, Teams and 365 log-ins, FBI says
Source: The Hill
05/27/26 5:34 PM ET
(NEXSTAR) A new phishing tool is allowing cyber attackers to get access to Microsoft 365 users' accounts without even needing to know your password, the FBI said in a warning issued to the public on Thursday.
The phishing platform, called Kali365, was first seen in April, according to the FBI. It's primarily distributed through the messaging app Telegram and allows cyber attackers to bypass multi-factor authentication. The scam starts with a lure, typically a phishing email impersonating a trusted source like a document sharing service. This phishing email contains a device code with instructions to visit a legitimate Microsoft verification page and enter the code, the FBI warns.
Once you navigate to the real Microsoft page and paste in the code, you'd be unwittingly authorizing the attacker to access your account. From there, they can capture authorization tokens that grant them access to your Microsoft 365 software, including Outlook email, Teams messages and OneDrive files. They won't need to know your password or use multi-factor authentication to access your account.
This new phishing platform, Kali365, makes it easier for unskilled attackers to steal authorization codes, using AI-generated phishing lures, and target and track individuals in real time, the FBI says.
Read more: https://thehill.com/policy/technology/5897640-cyber-attackers-are-hijacking-microsoft-outlook-teams-and-365-log-ins-fbi-says/
Link to FBI
ALERT -
Alert Number: I-052126-PSA 21 May 2026 Kali365 Phishing-as-a-Service Kit Hijacks Microsoft 365 Access Tokens
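An added example, not part of the article or the FBI alert: a defender-side check that scans sign-in records for completed device code sign-ins like the ones described above and ranks them for triage. The field names are assumptions modelled on Entra ID sign-in log exports, and the sample records and the allowlist are constructed.

```python
import json

# Constructed sample sign-in records (one JSON object per line). Field names
# are assumptions modelled on Entra ID sign-in log exports; map them to yours.
SAMPLE_LOG = """\
{"createdDateTime":"2026-05-20T08:01:00Z","userPrincipalName":"alice@example.com","ipAddress":"198.51.100.10","authenticationProtocol":"none","errorCode":0}
{"createdDateTime":"2026-05-20T09:15:00Z","userPrincipalName":"room-display@example.com","ipAddress":"198.51.100.20","authenticationProtocol":"deviceCode","errorCode":0}
{"createdDateTime":"2026-05-21T13:42:00Z","userPrincipalName":"alice@example.com","ipAddress":"203.0.113.77","authenticationProtocol":"deviceCode","errorCode":0}
{"createdDateTime":"2026-05-21T13:50:00Z","userPrincipalName":"bob@example.com","ipAddress":"203.0.113.77","authenticationProtocol":"deviceCode","errorCode":50199}
{"createdDateTime":"2026-05-22T10:00:00Z","userPrincipalName":"bob@example.com","ipAddress":"198.51.100.11","authenticationProtocol":"none","errorCode":0}
{"createdDateTime":"2026-05-22T10:05:00Z","userPrincipalName":"bob@example.com","ipAddress":"198.51.100.11","authenticationProtocol":"deviceCode","errorCode":0}
"""

# Hypothetical allowlist: accounts that legitimately sign in with device codes
# (input-constrained devices such as meeting-room displays).
EXPECTED_DEVICE_CODE_USERS = {"room-display@example.com"}


def find_device_code_signins(log_text, allowlist=EXPECTED_DEVICE_CODE_USERS):
    """Return findings for successful device code sign-ins by unexpected users."""
    records = [json.loads(line) for line in log_text.splitlines() if line.strip()]
    records.sort(key=lambda r: r["createdDateTime"])  # ISO 8601 UTC sorts as text
    seen_ips = {}   # user -> IPs from earlier successful sign-ins
    findings = []
    for rec in records:
        if rec["errorCode"] != 0:
            continue  # non-zero errorCode: the sign-in did not complete
        user = rec["userPrincipalName"].lower()
        known = seen_ips.setdefault(user, set())
        if rec["authenticationProtocol"] == "deviceCode" and user not in allowlist:
            findings.append({
                "time": rec["createdDateTime"],
                "user": user,
                "ip": rec["ipAddress"],
                # An address never seen for this user raises triage priority.
                "priority": "review" if rec["ipAddress"] in known else "high",
            })
        known.add(rec["ipAddress"])
    return findings


if __name__ == "__main__":
    for f in find_device_code_signins(SAMPLE_LOG):
        print(f"{f['priority']:6} {f['time']} {f['user']} from {f['ip']}")
```

Most office users never need device code sign-in, so even a "review" finding is worth confirming with the account owner.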