
FBI warns of new risk to Microsoft 365: Why Traditional Security Isn’t Enough Anymore

Microsoft 365 users worldwide have recently been warned by security services (including the FBI) about a new phishing threat that challenges long‑standing security assumptions. Even with advanced multi-factor authentication in place, organisations are still at risk.

A phishing‑as‑a‑service platform called Kali365 has emerged, making it easier for attackers to gain access to accounts without needing passwords. 

What is Kali365?

First identified in April 2026, Kali365 offers ready-made phishing campaigns, automated tools, and tracking dashboards, lowering the barrier for cyber criminals. What makes this threat particularly effective is how it uses a legitimate Microsoft feature rather than a fake login page. Many users are familiar with entering a short code on a trusted site when signing into services on devices like TVs. Kali365 exploits this same process.

How does Kali365 work?

Victims receive an email that appears genuine and are prompted to enter a code on a real Microsoft page. Because everything looks legitimate, there are no obvious warning signs. However, entering the code grants access to the attacker, allowing them to use Outlook, Teams, and OneDrive without needing login credentials or further verification. 

At this point the attacker is inside your Microsoft 365 environment, and changing your password will not block their access. They stay in until you actively find the backdoor they used and lock it. Wouldn’t it make sense to lock it beforehand?

What does this mean for your cyber security?

This highlights a growing issue in cyber security. It is no longer just about protecting passwords. Users can unknowingly grant access through trusted workflows, which makes attacks harder to detect. For businesses relying on Microsoft 365, this is a reminder to review how access is controlled and to ensure staff remain cautious of unexpected authentication requests, even when they appear to come from trusted sources.
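
One way to look for the code-entry sign-in described above, as an added example that is not from the original post or from Microsoft: Entra sign-in logs record this flow with the `deviceCode` authentication protocol, so the script lists successful device code sign-ins by accounts not expected to use it. It assumes records exported as JSON lines with the Microsoft Graph sign-in field names; the sample records, addresses and the `expected_users` allow-list are constructed.

```python
import json

# Constructed sample sign-in records (not real tenant data), one JSON object per line.
# Field names follow the Microsoft Graph signIn resource; the non-zero errorCode is a placeholder.
SAMPLE_LOG = """
{"createdDateTime":"2026-05-04T08:01:12Z","userPrincipalName":"room-display@example.com","appDisplayName":"Microsoft Teams","ipAddress":"198.51.100.10","authenticationProtocol":"deviceCode","status":{"errorCode":0}}
{"createdDateTime":"2026-05-04T08:30:00Z","userPrincipalName":"alice@example.com","appDisplayName":"Outlook","ipAddress":"198.51.100.20","authenticationProtocol":"oAuth2","status":{"errorCode":0}}
{"createdDateTime":"2026-05-04T09:15:40Z","userPrincipalName":"alice@example.com","appDisplayName":"Microsoft Office","ipAddress":"203.0.113.77","authenticationProtocol":"deviceCode","status":{"errorCode":99999}}
{"createdDateTime":"2026-05-04T09:16:05Z","userPrincipalName":"alice@example.com","appDisplayName":"Microsoft Office","ipAddress":"203.0.113.77","authenticationProtocol":"deviceCode","status":{"errorCode":0}}
{"createdDateTime":"2026-05-04T10:00:00Z","userPrincipalName":"bob@example.com","appDisplayName":"Outlook","ipAddress":"198.51.100.30","authenticationProtocol":"oAuth2","status":{"errorCode":0}}
{"createdDateTime":"2026-05-05T07:45:00Z","userPrincipalName":"bob@example.com","appDisplayName":"Microsoft Office","ipAddress":"198.51.100.30","authenticationProtocol":"deviceCode","status":{"errorCode":0}}
"""

def parse_records(text):
    """Parse JSON-lines sign-in records and return them oldest first."""
    records = [json.loads(line) for line in text.splitlines() if line.strip()]
    return sorted(records, key=lambda r: r["createdDateTime"])

def unexpected_device_code_signins(records, expected_users=frozenset()):
    """Return successful device code sign-ins by accounts not on the allow-list."""
    seen_ips = {}  # user -> IPs seen on that user's earlier successful sign-ins
    findings = []
    for rec in records:
        if rec.get("status", {}).get("errorCode") != 0:
            continue  # failed or pending attempts did not grant access
        user = rec["userPrincipalName"].lower()
        ip = rec["ipAddress"]
        if rec.get("authenticationProtocol") == "deviceCode" and user not in expected_users:
            findings.append({
                "user": user,
                "time": rec["createdDateTime"],
                "app": rec.get("appDisplayName"),
                "ip": ip,
                "ip_seen_before": ip in seen_ips.get(user, set()),
            })
        seen_ips.setdefault(user, set()).add(ip)
    return findings

if __name__ == "__main__":
    # expected_users: hypothetical allow-list of accounts that legitimately use code entry
    for f in unexpected_device_code_signins(parse_records(SAMPLE_LOG), {"room-display@example.com"}):
        print(f)
```

Each finding is an account whose existing sessions and granted access need review, since a password change alone does not remove the attacker.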

Kali365 shows how phishing continues to evolve, and why a layered approach to cyber security is essential. If your company has not reviewed its Microsoft 365 setup recently, now is the time to ensure your defences are keeping pace. At Pro Drive IT, we help accountants, lawyers and financial services firms stay protected against emerging threats and maintain confidence in their cloud environments. 

Protect your business from evolving threats like Kali365

If you’re concerned that your current IT provider isn’t doing everything they should be to protect your business, book a consultation with us. If you’d like some peace of mind regarding the security of your Microsoft 365 configuration, have a look at our audit services.

Alternatively, if you just want a conversation about high-performance IT for your business, feel free to get in touch with me directly.

427marketing