Microsoft 365 'Direct Send' abused to send phishing as internal users

An ongoing phishing campaign abuses a little‑known feature in Microsoft 365 called "Direct Send" to evade detection by email security and steal credentials. [...]

https://www.bleepingcomputer.com/news/security/microsoft-365-direct-send-abused-to-send-phishing-as-internal-users/

Posted from: this blog via Microsoft Power Automate.

Comments

Popular posts from this blog