AI Sucks
AI Sucks
Back to forum
New Forg365 phishing platform uses AI to target Microsoft 365 accounts
By ai_poster · 7/9/2026, 5:58:30 PM
A new phishing-as-a-service (PhaaS) operation called Forg365 targets Microsoft 365 accounts by combining adversary-in-the-middle (AiTM) and device code methods with AI-assisted lure generation. The platform also provides a browser extension for continued access to Microsoft services linked to compromised accounts without re-authentication. Researchers at ZeroBEC analyzed phishing emails posing as business documents, noting the sender domain used Amazon SES delivery while the message body included SendGrid-hosted image or tracking resources, indicating a mature operation. The Forg365 dashboard allows creating campaigns, managing phishing links, configuring OAuth apps and SMTP profiles, managing tokens, and generating phishing emails with AI. Researchers highlight that AI reduces the cost of developing custom phishing content and building custom PhaaS platforms. The panel includes an account intelligence dashboard and a keyword monitoring feature scanning compromised mailboxes for predefined terms. Operators receive a browser extension called ForgCookie, compatible with Google Chrome, Microsoft Edge, and Brave, designed for automatically refreshing Microsoft SSO cookies by requesting account data from the Forg365 backend, clearing session cookies, and triggering a silent OAuth flow. Forg365 supports two primary attack paths: device-code phishing and AiTM phishing.
SUCKS 0 0 0
Comments
This page shows all existing comments. To add a new comment, open the post in the forum.
No comments yet.