SecurityWeek

Complex Routing, Misconfigurations Exploited for Domain Spoofing in Phishing Attacks

Threat actors abuse complex routing and misconfigured protections to spoof domains and send phishing emails that appear to be ...
Infosecurity Magazine

Phishing Attacks Exploit Misconfigured Email Routing Settings to Target Microsoft 365 Users

“Successful credential compromise through phishing attacks may lead to data theft or business email compromise (BEC) attacks ...
Microsoft

Phishing actors exploit complex routing and misconfigurations to spoof domains

Threat actors are exploiting complex routing scenarios and misconfigured spoof protections to send spoofed phishing emails, ...
The Hacker News

Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing

Attackers exploit misconfigured email routing and weak spoof protections to send internal-looking phishing emails for ...
Cybernews

Your domain, their bait: Microsoft warns businesses on internal email phishing loopholes

Microsoft has witnessed a surge in the use of this tactic since May 2025, as part of opportunistic campaigns targeting organizations across multiple industries and verticals.
CSO Online

Microsoft warns of a surge in phishing attacks exploiting email routing gaps

Threat actors are abusing misconfigured MX records and weak DMARC/SPF policies to make phishing emails look internal, ...
CSOonline

Why domain-based attacks will continue to wreak havoc

Among the numerous cyber threats that enterprises must contend with, domain-based attacks hold a prominent position. These are attacks that target or exploit domain names or DNS infrastructure.

Hackers abuse Google Cloud to send trusted phishing emails

Cybercriminals allegedly sent 9,000+ phishing emails using Google Cloud tools, targeting 3,200 organizations by exploiting ...