<img height="1" width="1" style="display: none" alt="" src="https://px.ads.linkedin.com/collect/?pid=1098858&amp;fmt=gif">

Hackers Exploit Microsoft 365 Feature to Send Fake Internal Emails

Cybercriminals are exploiting Microsoft 365's Direct Send feature to send phishing emails that appear internal, targeting US organizations. Experts recommend disabling Direct Send and enforcing strict DMARC policies.
Content Team
By Content Team
Last updated:

Cybercriminals are abusing Microsoft 365's Direct Send feature to bypass email security and send phishing emails that appear to come from internal users. The technique exploits a legitimate feature designed for printers and scanners, allowing attackers to evade authentication protocols like SPF, DKIM, and DMARC.

Security firm StrongestLayer documented successful attacks targeting HR, finance, and executive personnel. Multiple vendors report widespread campaigns affecting over 70 organizations since May, primarily in US financial services, manufacturing, and healthcare sectors.

Microsoft has acknowledged the issue and introduced detection options, but experts recommend disabling Direct Send and implementing strict DMARC policies.

Source: Dark Reading
Share this article
Share on facebook Share on linkedin Share on twitter Share on email
blog_book_a_demo_cta_3x
Have questions about protecting your software?
Our escrow experts are standing by to help.
Book a free demo
YOU MAY ALSO LIKE
Data breaches
Allianz Life Confirms Data Breach Affecting Majority of 1.4 Million Customers
Aug 9, 2025
Data breaches
Air France and KLM Hit by Data Breach Affecting Customer Information
Aug 9, 2025
Cyberattacks
French Telecom Giant Bouygues Hit by Cyberattack Affecting 6.4 Million Customers
Aug 9, 2025
Ransomware
New Interlock Ransomware Uses Fake Error Messages to Trick Windows Users
Aug 9, 2025