Bleeping Computer

Microsoft 365 'Direct Send' abused to send phishing as internal users

An ongoing phishing campaign abuses a little‑known feature in Microsoft 365 called "Direct Send" to evade detection by email security and steal credentials. Direct Send is a Microsoft 365 feature that ...
PC World

Microsoft fights ’email bombing’ attacks with Office 365 security update

Microsoft has begun rolling out a new feature in Office 365 to stop email bombing, a type of cyberattack that has grown increasingly common in recent years. Email bombing is when lots of emails are ...
PC World

Hackers are exploiting Microsoft 365 to send extortion emails

Over the past week, many users around the world have received extortion emails sent via the Microsoft 365 Message Center. These emails are demanding users to pay $2,000 worth of cryptocurrency to a ...
Bleeping Computer

Microsoft 365 Admin portal abused to send sextortion emails

The Microsoft 365 Admin Portal is being abused to send sextortion emails, making the messages appear trustworthy and bypassing email security platforms. Sextortion emails are scams claiming that your ...