Cybersecurity Tech News, May 26, 2026

Microsoft Exposes Phishing Attack on 35,000 Users Across 26 Countries

Microsoft revealed a sophisticated AiTM phishing campaign that bypassed MFA to compromise 35,000+ users at 13,000+ organisations across 26 countries in April 2026.


MFA Is No Longer Enough — Microsoft Just Proved It

Multi-factor authentication has been the gold standard recommendation for enterprise security for the better part of a decade. Security teams, CISOs, and regulators have consistently pointed to MFA as the single most effective measure organisations can take to protect against credential theft. On May 4, 2026, Microsoft published a detailed security blog that shook that confidence: a sophisticated phishing campaign observed between April 14–16 successfully bypassed MFA at over 13,000 organisations across 26 countries, compromising more than 35,000 user accounts using Adversary-in-the-Middle (AiTM) techniques.

AiTM attacks do not crack passwords or brute-force authentication codes. Instead, they position a malicious proxy between the victim and the legitimate service, intercepting authentication tokens in real time after the user has successfully completed MFA. From the victim's perspective, nothing is wrong. From the attacker's perspective, they now hold a valid session token that grants full account access without ever needing the victim's password or MFA code again.


How the Attack Chain Worked

The campaign used a multi-stage attack chain of unusual sophistication. It began with phishing emails using polished, enterprise-style HTML templates — structured layouts, professional typography, and preemptive authenticity statements designed to appear like legitimate internal compliance communications. Subject lines referenced "Code of Conduct" violations, and PDF attachments with official-looking filenames directed recipients to click a "Review Case Materials" button.

That click initiated the credential harvesting flow: first, a Cloudflare CAPTCHA page that served both to add apparent legitimacy and to block automated security sandbox analysis. After passing the CAPTCHA, victims were redirected to an AiTM proxy page that mirrored the Microsoft 365 login interface with pixel-perfect fidelity. When victims entered their credentials and completed MFA, the proxy relayed the authentication in real time to Microsoft's actual servers, capturing the resulting session token and giving the attackers authenticated access.

The sectors most heavily targeted were healthcare and life sciences (19% of victims), financial services (18%), professional services (11%), and technology and software (11%). Healthcare's disproportionate representation likely reflects both the high value of healthcare data for fraud and the historically weaker security tooling in many healthcare IT environments.
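The attack chain above leaves a recognisable footprint in sign-in telemetry: MFA is satisfied once (through the proxy), and the captured session token is then used from infrastructure the user never touched. The following is an added detection example, not code from Microsoft's blog; the record shape, field names and sign-in data are constructed to resemble simplified Entra sign-in logs.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sign-in records in a simplified Entra-style shape (sample data,
# not real logs; IPs are from documentation ranges).
SAMPLE_SIGNINS = [
    {"ts": "2026-04-15T09:02:11Z", "user": "alice@corp.example", "sessionId": "s-7f3a",
     "ip": "203.0.113.42", "country": "US", "interactive": True, "mfa": "satisfied"},
    {"ts": "2026-04-15T09:02:13Z", "user": "alice@corp.example", "sessionId": "s-7f3a",
     "ip": "203.0.113.42", "country": "US", "interactive": False, "mfa": "previously"},
    {"ts": "2026-04-15T09:41:50Z", "user": "alice@corp.example", "sessionId": "s-7f3a",
     "ip": "198.51.100.7", "country": "NL", "interactive": False, "mfa": "previously"},
    {"ts": "2026-04-15T10:00:00Z", "user": "bob@corp.example", "sessionId": "s-91cc",
     "ip": "203.0.113.42", "country": "US", "interactive": True, "mfa": "satisfied"},
    {"ts": "2026-04-15T12:30:00Z", "user": "bob@corp.example", "sessionId": "s-91cc",
     "ip": "203.0.113.42", "country": "US", "interactive": False, "mfa": "previously"},
]

def parse_ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")

def find_token_replay(records, window=timedelta(hours=2)):
    """Flag sessions where an MFA-satisfied interactive sign-in is followed,
    within `window`, by non-interactive token use from a different IP.
    That is the footprint an AiTM proxy leaves: MFA is completed through the
    proxy, then the captured session token is used from other infrastructure."""
    by_session = defaultdict(list)
    for r in records:
        by_session[r["sessionId"]].append(r)
    alerts = []
    for sid, recs in by_session.items():
        recs.sort(key=lambda r: parse_ts(r["ts"]))
        mfa = next((r for r in recs if r["interactive"] and r["mfa"] == "satisfied"), None)
        if mfa is None:
            continue
        t_mfa = parse_ts(mfa["ts"])
        for r in recs:
            t = parse_ts(r["ts"])
            # Only later, non-interactive uses of the same session from a new IP count.
            if r["interactive"] or t <= t_mfa or t - t_mfa > window or r["ip"] == mfa["ip"]:
                continue
            alerts.append({"user": r["user"], "sessionId": sid, "mfa_ip": mfa["ip"],
                           "mfa_country": mfa["country"], "replay_ip": r["ip"],
                           "replay_country": r["country"],
                           "minutes_after_mfa": int((t - t_mfa).total_seconds() // 60)})
    return alerts

if __name__ == "__main__":
    for alert in find_token_replay(SAMPLE_SIGNINS):
        print(alert)
```

Treat a hit as a triage signal rather than a verdict, since mobile roaming and VPN changes produce the same IP shift; corroborate with the sign-in's ASN and with the IoCs Microsoft published.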

Why 92% of Victims Were in the United States

The campaign's geographic concentration — 92% of compromised accounts were at US organisations — reflects deliberate targeting choices rather than random distribution. US enterprises tend to be the most valuable targets for credential theft due to the higher average value of corporate accounts, stronger integration of Microsoft 365 with financial and business-critical systems, and the larger volume of high-value transactions that flow through compromised accounts.

The concentration also suggests the attackers had specific post-compromise monetisation strategies optimised for US organisations — likely a combination of business email compromise (BEC) fraud, data exfiltration for sale, and ransomware staging. BEC fraud alone cost US organisations over $3 billion in reported losses in 2025, according to FBI Internet Crime Complaint Center data.


What Organisations Need to Do Right Now

Microsoft's disclosure includes specific technical indicators of compromise (IoCs) that security teams should immediately search for in their environments. Beyond reactive investigation, the attack demonstrates why FIDO2 hardware security keys and passkeys — which are genuinely phishing-resistant because they bind authentication to specific domain names — are the only MFA methods that would have prevented this attack. SMS OTPs, authenticator app codes, and push notifications are all vulnerable to AiTM interception.

Microsoft's own recommendation in the security blog is the adoption of Conditional Access policies that require compliant devices and phishing-resistant MFA methods for all access to business-critical applications. Additionally, organisations should evaluate Microsoft Entra ID Protection's token protection policies, which bind tokens to specific devices and make stolen tokens significantly harder to use.
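Why FIDO2 and passkeys resist this attack comes down to origin binding: the browser, not the user, writes the page origin into clientDataJSON, and the authenticator covers a hash of the relying-party ID, so an assertion produced on a look-alike proxy domain cannot satisfy the real service. The following added example (not Microsoft's or any library's code) shows the origin-binding portion of relying-party-side WebAuthn assertion checking; the RP ID, origins and challenge are assumed values, and signature verification is left out to keep the focus on the binding itself.

```python
import base64
import hashlib
import json

RP_ID = "login.corp.example"                      # assumed relying-party ID
ALLOWED_ORIGINS = {"https://login.corp.example"}  # origins the RP will accept

def b64url_decode(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def check_origin_binding(client_data_json_b64, authenticator_data, expected_challenge):
    """Origin-binding checks of a WebAuthn assertion (signature check omitted).
    Returns (ok, reason)."""
    cd = json.loads(b64url_decode(client_data_json_b64))
    if cd.get("type") != "webauthn.get":
        return False, "wrong ceremony type"
    if cd.get("challenge") != expected_challenge:
        return False, "challenge mismatch (replay)"
    # The browser fills in `origin`; a phishing proxy's page gets its own origin.
    if cd.get("origin") not in ALLOWED_ORIGINS:
        return False, f"origin {cd.get('origin')!r} not allowed"
    # First 32 bytes of authenticatorData are SHA-256(rpId), signed by the authenticator.
    if authenticator_data[:32] != hashlib.sha256(RP_ID.encode()).digest():
        return False, "rpIdHash mismatch"
    return True, "ok"

def make_client_data(origin, challenge):
    # Constructs clientDataJSON the way a browser would (sample data, not captured).
    raw = json.dumps({"type": "webauthn.get", "challenge": challenge, "origin": origin}).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

CHALLENGE = "c29tZS1yYW5kb20tY2hhbGxlbmdl"  # constructed server challenge
# rpIdHash + flags (UP|UV) + signCount, as an authenticator would emit (constructed).
AUTH_DATA = hashlib.sha256(RP_ID.encode()).digest() + bytes([0x05]) + (0).to_bytes(4, "big")

# A sign-in at the genuine origin passes; the same ceremony on a proxy page fails.
GENUINE = check_origin_binding(make_client_data("https://login.corp.example", CHALLENGE),
                               AUTH_DATA, CHALLENGE)
PROXIED = check_origin_binding(make_client_data("https://login-corp.attacker.example", CHALLENGE),
                               AUTH_DATA, CHALLENGE)
```

In practice the proxied case never even reaches the server, because the browser refuses to use a credential scoped to login.corp.example from an unrelated domain; the server-side check is the second line of defence.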

The FBI's Parallel Warning: Kali365 Bypasses MFA at Scale

Microsoft's disclosure arrived alongside a separate FBI warning about Kali365, a phishing-as-a-service kit targeting Microsoft 365 environments that has compromised hundreds of organisations using similar MFA bypass techniques. Kali365 is sold on dark web forums for a subscription fee, meaning that AiTM attack capability — once the domain of sophisticated nation-state actors — is now accessible to criminal groups with modest technical skills and budgets.

The democratisation of advanced attack techniques is one of the most concerning trends in enterprise cybersecurity. When the tools required to bypass MFA are available as a subscription service, the gap between the most sophisticated attackers and the average criminal narrows dramatically. Every organisation that has treated MFA as a sufficient endpoint for their authentication security programme needs to revisit that assumption now.
