Microsoft 365 accounts compromised – beware of phishing

In August, the NCSC-FI received 70 reports related to Microsoft 365 account breaches. After the summer holiday season ended, the number of cases has risen significantly, and at present, organisational email accounts are being compromised at an accelerating pace. Numerous organisations have been exposed to breaches and subsequent phishing emails, and within a single organisation there may be several – even dozens – of compromised accounts. Criminals use stolen credentials to log in to Microsoft 365 services, and the hijacked accounts are then exploited to send new phishing messages and to carry out invoicing fraud.