Phishing Attack Targets Microsoft ADFS to Steal Credentials and Bypass MFA

February 4, 2025Source: IT Pro

Found this useful? Share it with your network

A new phishing campaign is leveraging Microsoft’s Active Directory Federation Services (ADFS) to steal user credentials and circumvent multi-factor authentication (MFA). According to research from Abnormal Security, attackers are creating convincing spoofed ADFS sign-in pages that resemble legitimate portals to deceive users into providing their credentials and secondary authentication codes. The campaign starts with emails that impersonate urgent IT helpdesk notifications, featuring obfuscated URLs and dynamic organizational branding to enhance credibility. Post-compromise, attackers also implement covert mail filters to intercept responses and maintain persistence, with over 150 organizations reportedly targeted.

Read Full Article

Opens on IT Pro

More News

AMA Asking For Stronger Safeguards on AI Mental Health Chatbots

April 29, 2026MobiHealthNews

Andrea Daugherty Appointed Chief Information and Digital Transformation Officer at ARMC

April 24, 2026arrowheadregional.org

Craig Richardville Appointed Chief Digital and Information Officer at UF Health

April 13, 2026ufhealth.org

Former AMA Exec Margaret Lozovatsky Named CDIO At Premier Health

April 10, 2026premierhealth.com

Signature Healthcare Diverts Ambulances Following Cybersecurity Incident

April 8, 2026SecurityWeek

More Than 100 Hospitals Suing HHS Over Alleged Underpayment

April 6, 2026MedCity News