This New Microsoft 365 Attack Can Break Through Your 2FA

The Rockstar 2FA phishing kit is a unique set of malicious tools that cybercriminals can purchase on the black market for $200. This kit gives the criminals everything they need to break into someone’s Microsoft 365 account, even if they have 2FA enabled.

I had to learn the hard way 2FA isn’t impenetrable. It’s always a good idea to use a password manager with obnoxiously long and unique random generated passwords. Never click on a link anywhere unless you’re 100% sure it’s legit. Anyone can fall for a phishing scam.