Friday, 4 July 2025
28 C
Singapore
29.3 C
Thailand
22.6 C
Indonesia
28.6 C
Philippines

Microsoft 365 users targeted by an advanced new phishing scam

A new phishing scam, Mamba 2FA, targets Microsoft 365 accounts, bypassing multi-factor authentication with advanced features at a low cost of US$250.

A dangerous new phishing scam has emerged, primarily targeting Microsoft 365 users. Known as Mamba 2FA, this phishing-as-a-service (PhaaS) platform has caught the attention of cybercriminals due to its advanced features, security evasion techniques, and relatively low cost.

According to reports from cybersecurity researchers at Sekoia, Mamba 2FA has been around since November 2023. The service costs US$250 per month, making it affordable for criminals looking to exploit both personal and corporate Microsoft 365 accounts.

How criminals are using Mamba 2FA

The Mamba 2FA platform offers a range of features that make it particularly effective. For example, it enables attackers to create convincing fake Microsoft 365 login pages, tricking users into entering their credentials. Even more worryingly, these counterfeit pages can capture sensitive information like authentication tokens and multi-factor authentication (MFA) codes. This makes Mamba 2FA capable of bypassing one of the most common security measures companies use to protect their accounts.

In recent months, Mamba 2FA has undergone several upgrades. One of its most alarming improvements is its ability to hide the IP addresses of relay servers in authentication logs. This makes it more difficult for businesses to detect unusual login attempts. Additionally, Mamba 2FA rotates the domain names used in phishing URLs to avoid being blacklisted by security systems.

Cybercriminals who use the service can collect a wide range of security information from victims, which they can then use to take control of their accounts. Sekoia’s researchers observed multiple instances of Mamba 2FA in action, highlighting the growing popularity of this platform among hackers.

Phishing remains a top threat

Phishing continues to be one of the most widespread and effective methods cybercriminals use to steal sensitive data or deploy malware. Its low cost and the ease with which email addresses can be obtained make phishing a persistent threat to individuals and businesses.

To combat this, many organisations now require their employees to use multi-factor authentication, hoping it will provide an additional layer of security and prevent attackers from using stolen passwords. Unfortunately, criminals have adapted. The rise of adversary-in-the-middle (AiTM) techniques like those used in Mamba 2FA means that even MFA codes can now be intercepted by hackers.

One of the tricks used by Mamba 2FA is to allow the victim to log into the legitimate service while their data is being stolen. This tactic increases the credibility of the phishing attempt and reduces the chances that users will realise something is wrong, leaving them even more vulnerable.

Staying safe in a phishing-filled world

The growing sophistication of phishing scams like Mamba 2FA highlights the importance of remaining vigilant online. While multi-factor authentication remains an important tool in the fight against cybercrime, it’s no longer enough. Businesses and individuals alike must be aware of the latest phishing tactics and ensure comprehensive security measures are in place.

Regular employee training, advanced email filtering systems, and monitoring for unusual login attempts are some steps that can help reduce the risk of falling victim to these attacks. The battle against phishing is far from over, and as criminals develop new tools, cybersecurity efforts must continue to evolve.

Hot this week

Google launches Gemini AI for schools and students, raising questions about future of learning

Google launches Gemini AI in schools with safety tools and fact-checking, sparking debate on its impact on learning and student development.

Hundreds of Brother printers have a serious flaw you can’t entirely fix

Hundreds of Brother printers have a flaw that lets hackers guess your admin password and one critical issue can't be fixed with updates.

Singapore ramps up AI investments but faces hurdles in scaling enterprise adoption

A new IBM study finds that while AI investment is growing in Singapore, few businesses have succeeded in scaling it across the organisation.

Apple could launch a low-cost MacBook with an iPhone chip by 2026

Apple may release a cheaper MacBook with an iPhone chip, possibly launching in late 2025 with the A18 Pro and four colour options.

Best travel cameras in 2025 for every kind of traveller

Compare the best travel cameras in 2025 for every style and budget—from compact point-and-shoots to mirrorless powerhouses built for photography on the go.

Xiaomi opens new store at City Square Mall and launches Shopee presence in Singapore

Xiaomi opens its ninth store in Singapore at City Square Mall and launches its official Shopee store with promotional offers across both platforms.

Tools for Humanity: Why Southeast Asia is shaping the future of humanness in the Age of AI

Southeast Asia is pioneering the future of digital identity with World ID, offering private, secure, and human-first verification at scale.

Google to roll out update for Pixel 6A battery overheating next week

Google’s July 8 Pixel 6A update limits battery overheating by reducing capacity after 400 cycles, with free replacements for affected users.

Microsoft opens pre-orders for Surface Copilot+ PCs in Singapore

Microsoft launches AI-powered Surface Pro and Surface Laptop in Singapore, with pre-orders open ahead of 15 July availability.

Related Articles

Popular Categories