Comment on Microsoft warning around O365 phishing campaign that abuses ’open redirects’ tool
September 2021 by Kurt Johnson, VP Strategy at Beyond Identity
Following the news that Microsoft has warned Office 365 customers about
a phishing campaign aimed ats stealing passwords - Kurt Johnson, VP
Strategy at Beyond Identity offers the following comment:
_"These types of attacks are, unfortunately, more commonplace. Every
attacker wants access, and every user has it. So, increasingly clever
phishing attacks like these will continue to occur (at an increasing
pace) as ways to try to pry these credentials away from end users. _
_The only way to prevent these is to eliminate the passwords, so there
is nothing that can be phished. Give end users a positive login
experience while taking away the most vulnerable and insufficient
security control - the password. Passwords are the dinosaurs of
information security and we need a meteor to come and take them out
immediately_."