AI-Powered Phishing Attacks Exploit Microsoft Device Code Login

Thumbnail Image

The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.

Attackers are using the AI-driven EvilTokens phishing-as-a-service platform to automate device code phishing attacks targeting Microsoft Azure users. By leveraging AI and social engineering, they bypass multi-factor authentication on official Microsoft login pages, leading to account takeovers and data breaches. The attacks are notably more effective against Microsoft than Google environments.[AI generated]

Why's our monitor labelling this an incident or hazard?

The event involves the use of AI-powered automated tools in phishing attacks that have directly caused harm by enabling attackers to bypass security measures and take over accounts, leading to data theft and potential further malicious activities. The article details realized harms including account compromise, data access, and potential ransomware deployment, all stemming from AI-assisted phishing. Hence, it meets the criteria for an AI Incident due to direct harm caused by AI system use in the attack.[AI generated]
AI principles
Privacy & data governanceRobustness & digital security

Industries
Digital securityIT infrastructure and hosting

Affected stakeholders
ConsumersBusiness

Harm types
Economic/PropertyReputationalHuman or fundamental rights

Severity
AI incident

Business function:
Other

AI system task:
Content generation


Articles about this incident or hazard