www.malwarebytes.com 5/27/2026, 12:08:40 PM · external

FBI warns of Kali365 phishing kit stealing Microsoft 365 tokens

Primary Source ic3.gov

The Kali365 phishing kit, highlighted by the FBI, is a phishing-as-a-service platform that targets Microsoft 365 accounts by stealing access tokens instead of passwords. This method is effective against both organizations and individual users: it bypasses multi-factor authentication (MFA), gives attackers ongoing access to user accounts, and requires minimal technical skill to use.

Victims are misled by phishing messages that appear legitimate, which ultimately lets attackers obtain OAuth tokens for persistent access to Microsoft services. Users are advised to be wary of unsolicited requests for device codes, to read prompts carefully, and to monitor logged-in devices to protect their accounts.

Article by CyberSIXT
