Microsoft has raised an alarm about a new multi-phase phishing campaign that first enrolls an attacker’s BYOD device on a corporate network and then begins sending thousands of convincing phishing emails to further targets. The purpose of enrolling or registering a device on a target company’s network was to avoid detection during later phishing attacks, according to Microsoft.
Read full article on ZDNet