Real-Time Active Directory (AD) Authentication attack

Manish Kumar 1 Reputation point
2020-09-13T04:05:23.72+00:00

1 answer

  1. VipulSparsh-MSFT 16,236 Reputation points Microsoft Employee
    2020-09-14T07:28:54.913+00:00

    @Manish Kumar Thanks for reaching out. The attack mentioned in the article has been targeted at users to look legitimate and takes advantage of less secure authentication methods (like no MFA or other security keys like FIDO).

    Any advanced protection tool looks for suspicious flags like blocked flagged domains, spoof intelligence and lots of other things. While we do have many services in place to prevent phishing and other known attacks, like
    Anti-phishing protection in Microsoft 365
    Spoof intelligence in EOP and Configure anti-phishing policies in EOP

    but despite all these things a hacker would find something to attack unless we build the core strong with something they cannot have.

    If you look at this image you would know the importance of passwordless authentication

    [Image: 24442-image1.png]

    So if we are really to prevent these kinds of things, you must consider:
    https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-passwordless

    The organization should also educate its high-risk users about these kinds of attempts and use this attack simulator to spread awareness:
    https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulator?view=o365-worldwide

    -----------------------------------------------------------------------------------------------------------------

    If the suggested response helped you resolve your issue, please do not forget to accept the response as Answer and "Up-Vote" the answer that helped you, for the benefit of the community.

    2 people found this answer helpful.