A new phishing method known as device code phishing is on the rise. Unlike traditional phishing scams, this technique doesn’t try to steal your username and password. Instead, it uses legitimate Microsoft login pages to trick users into authorising access to their accounts.
By entering a short “device code” provided in a fake email (often disguised as a Teams meeting request or other internal communication), users may unknowingly grant attackers access to their Microsoft account. And because the user completes the sign-in themselves through official Microsoft authentication flows, it can bypass multi-factor authentication (MFA) and appear completely legitimate.
Once inside, attackers can:
Read emails and access sensitive files
Impersonate team members to spread further attacks
Move laterally through your systems
Maintain access even after passwords are changed
What can your business do?
Raise awareness across your team about this tactic
Disable device code authentication if it’s not in use
Implement conditional access policies to limit sign-ins to trusted locations and devices
Monitor for unusual login activity and act quickly on alerts
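One way to act on the monitoring step above, as an added example that is not part of the original article: a Python script that triages exported Entra ID sign-in records for successful device code sign-ins. The sample records are constructed, the trusted-country list is a hypothetical placeholder, and the field names assume the Microsoft Graph signIn schema (authenticationProtocol is in its beta version).

```python
import json

# Hypothetical allow-list of countries the business signs in from (assumption).
TRUSTED_COUNTRIES = {"GB"}

# Constructed sample records, not real log data. Field names follow the
# Microsoft Graph signIn resource; authenticationProtocol is in the beta schema.
SAMPLE_LOG = """[
 {"userPrincipalName": "alice@example.com", "createdDateTime": "2025-03-03T09:14:00Z",
  "authenticationProtocol": "deviceCode", "ipAddress": "203.0.113.7",
  "status": {"errorCode": 0}, "location": {"countryOrRegion": "US"},
  "deviceDetail": {"isManaged": false}},
 {"userPrincipalName": "bob@example.com", "createdDateTime": "2025-03-03T09:20:00Z",
  "authenticationProtocol": "oAuth2", "ipAddress": "198.51.100.4",
  "status": {"errorCode": 0}, "location": {"countryOrRegion": "GB"},
  "deviceDetail": {"isManaged": true}},
 {"userPrincipalName": "carol@example.com", "createdDateTime": "2025-03-03T10:02:00Z",
  "authenticationProtocol": "deviceCode", "ipAddress": "203.0.113.9",
  "status": {"errorCode": 70016}, "location": {"countryOrRegion": "US"},
  "deviceDetail": {"isManaged": false}},
 {"userPrincipalName": "dave@example.com", "createdDateTime": "2025-03-03T11:30:00Z",
  "authenticationProtocol": "deviceCode", "ipAddress": "198.51.100.20",
  "status": {"errorCode": 0}, "location": {"countryOrRegion": "GB"},
  "deviceDetail": {"isManaged": true}}
]"""


def triage_device_code_signins(records, trusted_countries=TRUSTED_COUNTRIES):
    """Return successful device code sign-ins, most suspicious first."""
    findings = []
    for rec in records:
        if rec.get("authenticationProtocol") != "deviceCode":
            continue  # some other sign-in flow
        if (rec.get("status") or {}).get("errorCode", 0) != 0:
            continue  # sign-in did not succeed, so no tokens were issued
        reasons = ["device code flow used"]
        country = (rec.get("location") or {}).get("countryOrRegion")
        if country not in trusted_countries:
            reasons.append(f"untrusted location: {country}")
        if not (rec.get("deviceDetail") or {}).get("isManaged", False):
            reasons.append("unmanaged device")
        findings.append({"user": rec.get("userPrincipalName"),
                         "time": rec.get("createdDateTime"),
                         "ip": rec.get("ipAddress"), "reasons": reasons})
    # More reasons means higher priority; the sort is stable for ties.
    return sorted(findings, key=lambda f: len(f["reasons"]), reverse=True)


if __name__ == "__main__":
    for f in triage_device_code_signins(json.loads(SAMPLE_LOG)):
        print(f["time"], f["user"], f["ip"], "; ".join(f["reasons"]))
```

A device code sign-in from a managed device in a trusted location still appears in the output, with a single reason, so that expected uses of the flow can be confirmed rather than silently ignored.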
At Myriad, we help businesses strengthen their Microsoft 365 environments with clear guidance, smart configuration, and ongoing support.
Let’s make sure your team stays protected.
📞 Get in touch with Myriad today to review and improve your Microsoft security.