This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties. Members and Law enforcement use only. Contact us for any permissions. To do otherwise will result in the loss of membership.
Complete Story
08/04/2025
Hackers Abuse Microsoft 365’s Direct Send Feature to Deliver Internal Phishing Attacks
Cyber Security News
Cybercriminals have discovered a sophisticated new attack vector by exploiting Microsoft 365’s Direct Send feature to deliver phishing campaigns that masquerade as legitimate internal communications.
This emerging threat leverages a legitimate Microsoft service designed for multifunction printers and legacy applications, turning it into a weapon for social engineering attacks that bypass traditional email security controls.
The attack campaign represents a significant evolution in phishing tactics, as threat actors can now send malicious emails that appear to originate from within the target organization without requiring valid credentials or authentication.
More Info
Alerts
The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.
more information
Resources
Your electronic library to help in fighting financial fraud for all of our partners.
more information