FBI warns Microsoft 365 users of Kali365 phishing bypassing MFA
Heads up, Microsoft 365 users: The FBI has flagged a new phishing scam called Kali365.
Hackers are sending emails that look legitimate, like they're from trusted cloud services, but they're actually trying to trick you into handing over access.
Once in, they can bypass multifactor authentication and get into your emails, files, Teams, Outlook, and OneDrive.
Entering Microsoft device code exposes tokens
The scam asks you to enter a device code on a real Microsoft verification page.
If you do, hackers grab login tokens and can keep accessing your account without needing passwords or extra security checks.
The FBI recommends organizations limit or disable device code logins and urges anyone who thinks they've been hacked to report it at IC3.gov for help.
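Before limiting or disabling device code logins as recommended above, it helps to know which accounts actually use them. The following is an added example, not part of the original article or any FBI or Microsoft material: it reviews sign-in records and separates expected device code use from sign-ins worth investigating. The records are constructed, the field names are assumed to match a Microsoft Entra sign-in log JSON export, and the allowlist is hypothetical.

```python
import json
from collections import Counter

# Constructed sample records (not real data). Field names are an assumption:
# they follow a Microsoft Entra sign-in log JSON export; adjust to your export.
# errorCode 0 means success; the nonzero value below is a constructed failure.
SAMPLE = json.loads("""[
 {"createdDateTime": "2025-01-10T08:02:11Z", "userPrincipalName": "alice@contoso.example",
  "appDisplayName": "Example Web App", "authenticationProtocol": "none",
  "ipAddress": "198.51.100.10", "status": {"errorCode": 0}},
 {"createdDateTime": "2025-01-10T08:40:03Z", "userPrincipalName": "alice@contoso.example",
  "appDisplayName": "Example CLI App", "authenticationProtocol": "deviceCode",
  "ipAddress": "203.0.113.77", "status": {"errorCode": 0}},
 {"createdDateTime": "2025-01-10T09:00:00Z", "userPrincipalName": "room-display@contoso.example",
  "appDisplayName": "Example Room App", "authenticationProtocol": "deviceCode",
  "ipAddress": "198.51.100.20", "status": {"errorCode": 0}},
 {"createdDateTime": "2025-01-11T09:00:00Z", "userPrincipalName": "room-display@contoso.example",
  "appDisplayName": "Example Room App", "authenticationProtocol": "deviceCode",
  "ipAddress": "198.51.100.20", "status": {"errorCode": 0}},
 {"createdDateTime": "2025-01-11T10:15:42Z", "userPrincipalName": "bob@contoso.example",
  "appDisplayName": "Example CLI App", "authenticationProtocol": "deviceCode",
  "ipAddress": "203.0.113.77", "status": {"errorCode": 1}}
]""")

# Hypothetical allowlist: accounts the organization expects to sign in with a
# device code (for example shared displays without a keyboard).
EXPECTED_DEVICE_CODE_USERS = {"room-display@contoso.example"}

def device_code_signins(records):
    """Return the sign-ins whose protocol is the device code flow."""
    return [r for r in records
            if str(r.get("authenticationProtocol", "")).lower() == "devicecode"]

def review(records, expected_users=EXPECTED_DEVICE_CODE_USERS):
    """Count device code sign-ins per user; list successful ones outside the allowlist."""
    usage, investigate = Counter(), []
    for r in device_code_signins(records):
        user = r.get("userPrincipalName", "").lower()
        usage[user] += 1
        succeeded = r.get("status", {}).get("errorCode") == 0
        if succeeded and user not in expected_users:
            investigate.append((r.get("createdDateTime"), user,
                                r.get("appDisplayName"), r.get("ipAddress")))
    return usage, sorted(investigate)

if __name__ == "__main__":
    usage, investigate = review(SAMPLE)
    print("device code sign-ins per user:", dict(usage))
    for row in investigate:
        print("investigate:", *row)
```

Accounts that appear in the usage count but not in the allowlist are the ones a block on device code logins would affect, so they need either an exception or a different sign-in method.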
Stay sharp out there!