If you are an IT manager and use Microsoft 365, we recommend that you read this post thoroughly. We are talking about the next big threat for small and medium-sized companies.

As phishing attacks become more sophisticated, so do the hackers' tools. One of the newer tools used by cybercriminals is "evilginx".

An automated phishing tool that can bypass traditional MFA via SMS, Time-based one-time password (TOTP) and push notifications from Microsoft Authenticator, by stealing so-called session cookies and allowing access from unknown devices, outside your normal security network. 🤯

To prevent this threat, Microsoft has introduced a new phishing-resistant MFA called Passkeys (currently in preview), which in the long term can also replace traditional passwords.

Until Passkeys is released, you should consider protecting your users with Conditional Access to block high-risk users and login attempts (requires Entra ID Plan 2 license).

You can also advantageously activate geographical blocking of users outside, for example, Denmark, with special exceptions for groups with travel activity. ⛱️

Want to hear more about how to protect yourself from evilginx? Contact us to find out more or book a free personal sparring session supporters.dk.