Forg365 phishing service blends AiTM and device-code flows to steal M365
Source headline: New Forg365 phishing platform uses AI to target Microsoft 365 accounts
Intelligence Summary
Forg365 is a phishing-as-a-service platform aimed at Microsoft 365 account theft. It combines adversary-in-the-middle techniques with device-code style authentication to improve login success. The operation also uses AI-assisted lure generation to make social-engineering messages more convincing. Victims are typically targeted via crafted prompts that lead them to disclose credentials or complete fraudulent sign-in flows. Organizations using Microsoft 365 should watch for suspicious authentication activity and tighten MFA and conditional access policies. End users should verify sign-in prompts carefully and avoid following unexpected login links.
Recommended Action
Review affected assets, schedule urgent remediation, and monitor related indicators.