Hackers are using this classic technique to hijack Microsoft 365 accounts

>

Open redirects, a classic weakness found in many of the world’s biggest web pages, are reportedly being used to steal login credentials (opens in new tab) for Microsoft 365 accounts.

According to experts from security firm Inky, the method was used to send more than 6,800 phishing emails from Google Workspace, posing as Snapchat, in the last two and a half months. As for American Express, the team identified more than 2,000 phishing emails.