Mitiga's Research Team

Mitiga's Research Team

Advisory: Persistent MFA Circumvention in an Advanced BEC Campaign on Microsoft 365 Targets

Mitiga investigated an attempted Business Email Compromise (BEC) attack. While the alertness of the involved parties prevented the fraud, the attack indicated that the attacker had access to sensitive information that could only be obtained by compromising a user in the organization.

Advanced BEC Scam Campaign Targeting Executives on O365

Mitiga spotted a sophisticated, advanced business email compromise (BEC) campaign, directly targeting relevant executives of organizations (mostly CEOs and CFOs) using Office 365.