Phishing Frenzy: Microsoft 365 Direct Send Exploited in US Firm Attacks

Scammers are exploiting Microsoft 365 Direct Send, a feature intended for internal devices, to spoof internal emails and bypass security filters. Armed with minimal public info, they send phishing emails mimicking voicemails with QR codes. Over 70 U.S. organizations have been targeted. Stay alert for external IPs and strange email behaviors!

3P
Published: July 1, 2025 11:34 amAdded: July 1, 2025 at 4:56 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Who knew that Microsoft 365’s Direct Send feature would become the new playground for cybercriminals? It seems like even the most mundane tools can be turned into weapons in the hands of crafty scammers. So, if you start receiving voicemails from your fridge or printer, it’s not because they’ve finally become sentient—it’s probably just another phishing attack!

Key Points:

  • Scammers are exploiting Microsoft 365’s Direct Send to spoof internal emails.
  • Over 70 organizations have been targeted, with 95% being US-based.
  • Attackers use fake voicemails with QR codes to phish credentials.
  • Detection methods include checking email headers for anomalies.
  • Defense strategies involve rejecting Direct Send and enforcing MFA.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?