Ongoing Campaign Abuses Microsoft 365'S Direct Send To Deliver Phishing Emails
Varonis, June 27,2025
Varonis Threat Labs uncovered a phishing campaign with M365's Direct Send feature that spoofs internal users without ever needing to compromise an account.
Varonis Threat Labs has uncovered a novel phishing campaign targeting more than 70 organizations. In this post, we dive into the specifics to help you better understand what happened, how to detect the attack and how to prevent it moving forward.
This campaign exploits a lesser-known feature in Microsoft 365: Direct Send.