Microsoft: Scammers bypass Office 365 MFA in BEC attacks
The attackers compromised target mailboxes using phishing and exfiltrated sensitive info in emails matching forwarding rules, allowing them to gain access to messages on financial transactions.
