Aside from having prefabricated phishing attack pages set up for them, subscribers to the MFA bypass service get the benefit of interception of the user's 2FA token as they complete their login.
Microsoft discovered a coordinated phishing campaign targeting Office 365 users and leveraging an Adversary-in-the-Middle (AiTM) MFA bypass to execute business email compromise (BEC) attacks and commit fraud.


