New Forg365 phishing platform uses AI to target Microsoft 365 accounts

New Forg365 phishing platform uses AI to target Microsoft 365 accounts
Forg365 is a new phishing-as-a-service operation that targets Microsoft 365 accounts using device-code phishing, AiTM techniques, and AI-generated lure content. It also uses the ForgCookie browser extension to maintain persistent access to Microsoft services after compromise. #Forg365 #Microsoft365 #ForgCookie #ZeroBEC

Keypoints

  • Forg365 combines device-code phishing and AiTM attacks to steal Microsoft 365 accounts.
  • The platform includes AI-assisted email generation inside its operator dashboard.
  • ForgCookie helps attackers refresh Microsoft SSO cookies for persistent access.
  • Forg365 uses AntiBot defenses, encrypted redirectors, and VPN-aware redirection to evade analysis.
  • Researchers observed phishing delivery through Amazon SES, Cloudflare Pages, and Gophish infrastructure.

Read More: https://www.bleepingcomputer.com/news/security/new-forg365-phishing-platform-uses-ai-to-target-microsoft-365-accounts/