Scammers recently conducted a large-scale business email compromise (BEC) attack that bypassed Microsoft Office 365 MFA.
Microsoft 365 Defender researchers, who intercepted the cloud-based infrastructure used by the scammers, explained that the recent BEC incident involved login information stolen through phishing messages that redirected targets to landing pages mimicking Microsoft login pages.
The landing page then asks targets to enter their passwords under a prefilled username field.
Although multi-factor authentication already blocks stolen inbox credentials, attackers use older protocols to infect emails and bypass MFA.
For more information, read the original story in Bleeping Computer.