Phishing targets Microsoft 365 users without multi-factor authentication.
Ongoing phishing campaigns target organizations using Microsoft 365, specifically Office 365 where multi-factor authentication (MFA) is not enforced. The attacks use sophisticated social engineering tactics and convincing phishing pages to harvest user credentials.