One Email Could Give Hackers Access To Your Microsoft Account: FBI Warns They Don't Even Need Your Password

The FBI has alerted users and organizations about a sophisticated phishing scheme called Kali365, which targets Microsoft 365 accounts by manipulating legitimate verification processes. Unlike traditional phishing attacks, Kali365 uses authentic Microsoft login pages to trick victims into entering device authentication codes, granting attackers persistent access to Outlook, Teams, and OneDrive. The attack begins with a phishing email disguised as a message from a trusted cloud service, directing users to a genuine Microsoft verification page. Once the code is entered, hackers steal login tokens, allowing them to bypass password changes and maintain undetected access. The FBI warns that stolen tokens enable attackers to monitor emails, access confidential files, or impersonate employees. Investigators highlight Kali365’s accessibility, offering pre-made phishing templates, AI-generated emails, and token-stealing tools, making it easier for less experienced criminals to launch convincing attacks. The rise of such threats coincides with increased reliance on cloud platforms, exposing businesses to risks like data leaks and operational disruptions. The FBI recommends restricting device code authentication and implementing stricter security policies to limit exposure. Organizations should review authentication methods and disable unnecessary device code logins to prevent unauthorized access. The warning follows recent cyberattacks, including disruptions linked to the Shiny Hunters group targeting educational platforms.