Microsoft 365’s “Direct Send” Under Siege: Phishing Campaigns Exploit Security Loophole

A phishing campaign abuses Direct Send in Microsoft 365 to bypass security and steal credentials. It’s like a sneaky printer sending emails pretending to be your boss! This exploit targets financial, manufacturing, and healthcare sectors. Disable Direct Send or risk becoming the punchline in a hacker’s joke.

3P
Published: June 26, 2025 1:30 pmAdded: June 26, 2025 at 6:47 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Who knew that printers and scanners could have a side hustle in phishing? Thanks to Microsoft 365’s “Direct Send,” our office gadgets are moonlighting as cybercriminal accomplices, making our emails look as legitimate as a forged Mona Lisa. Maybe it’s time to give those printers a stern talking-to or at least a firmware update!

Key Points:

  • Microsoft 365’s “Direct Send” is being exploited in a phishing campaign.
  • The feature allows emails to appear internal without authentication.
  • Varonis identified over 70 organizations targeted, mostly in the U.S.
  • Phishing emails spoof voicemail notifications with QR codes leading to fake login pages.
  • Mitigation includes disabling Direct Send and tightening email security policies.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?