Forum Discussion
Recieving increasing number of phishing attempts mimicking Microsoft MFA QR Codes
Even though we are MS 365 defender customers for all our users (EMS + E3) we are receiving an increasing number of phishing attempts based on good looking MFA connection requests. Furthermore these ...
I don't get any forward MX resolution for mtb.biglobe.ne.jp, biglobe.ne.jp or ne.jp. Perhaps you want to quarantine anything from ne.jp that does not offer satisfactory DMARC? As always, test before implementing, and although JP is a problem there are many other sources to worry about; Uncle Joe [B] is our big problem at the moment.
It's getting way worse out there and Microsoft isn't doing anything about it. They are now using the QR codes to link users to enterprise app so the users simply signs in with their regular authentication and then they ask the user to grant delegated permission to their email and if your tenant is left at the default setting it will grant access to these hackers
We really hope they do something about this soon
We really hope they do something about this soon