FBI Warns of 'Kali365' Phishing Scam Targeting Microsoft Users' Passwordless Accounts
The FBI is warning users about an emerging phishing-as-a-service platform called Kali365 that targets Microsoft 365 accounts by tricking victims into surrendering their login credentials. The scam may use passwordless security measures as bait to gain access to unsuspecting users' accounts.
The FBI is warning Microsoft users about a phishing-as-a-service platform called Kali365 that targets Microsoft 365 accounts, which may trick users into revealing sensitive information such as passwords and security questions. The attackers use email spoofed to appear from legitimate sources, including Microsoft itself. The scam relies on the trust users have in passwordless sign-in features, which are not foolproof. Users are advised to be cautious when receiving unexpected login requests or verification messages.
