Fortra Intelligence and Research Experts (FIRE) this morning published their analysis of Mirage2FA, a newly discovered Microsoft 365 phishing kit that tricks users into sharing login details and MFA codes. Targeted businesses could experience account takeover, fraudulent payment redirection, data theft, unauthorized access to sensitive documents, and more as a result of an attack.
Mirage2FA uses short-lived HTML smuggling and obfuscated Javascript-loaders in a single phishing workflow, helping it evade detection. It is yet another example of a growing number of phishing campaigns using multiple tactics to successfully bypass 2FA/MFA workflows.
Details here: https://www.fortra.com/blog/mirage2fa-obfuscated-html-loader-delivers-microsoft-365-mfa-phishing-kit
Related
This entry was posted on June 25, 2026 at 11:02 am and is filed under Commentary with tags Fortra. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Mirage2FA phish kit targeting M365 users with obfuscated HTML, stealing MFA codes
Fortra Intelligence and Research Experts (FIRE) this morning published their analysis of Mirage2FA, a newly discovered Microsoft 365 phishing kit that tricks users into sharing login details and MFA codes. Targeted businesses could experience account takeover, fraudulent payment redirection, data theft, unauthorized access to sensitive documents, and more as a result of an attack.
Mirage2FA uses short-lived HTML smuggling and obfuscated Javascript-loaders in a single phishing workflow, helping it evade detection. It is yet another example of a growing number of phishing campaigns using multiple tactics to successfully bypass 2FA/MFA workflows.
Details here: https://www.fortra.com/blog/mirage2fa-obfuscated-html-loader-delivers-microsoft-365-mfa-phishing-kit
Share this:
Like this:
Related
This entry was posted on June 25, 2026 at 11:02 am and is filed under Commentary with tags Fortra. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.