8 July 2026

Beware: New Vishing Scam Targets Microsoft 365 Users

A new voice phishing scam is tricking Microsoft 365 users into enrolling in fake security measures, posing risks for businesses.

A recent report highlights a concerning trend where cybercriminals are using voice phishing, or vishing, to target Microsoft 365 users. These attacks involve impersonating security personnel and requesting users to enroll in a fictitious Entra passkey. This type of scam is particularly alarming as it exploits trust and can lead to significant security breaches if successful.


For small businesses in the UK, particularly those using Microsoft 365, this vishing threat underscores the importance of vigilance and robust cybersecurity practices. Employees should be educated to recognise such scams and verify any unusual requests directly with their IT departments before taking action. The potential for data breaches or financial losses means that proactive measures are essential.


This situation also highlights the need for reliable IT support to safeguard against such threats. As cyber-attacks become increasingly sophisticated, having a trusted partner to help manage your security is vital. The original article from BleepingComputer outlines the specific tactics used in these attacks, making it clear that awareness is the first line of defence.


At Hanoto Technology, we understand the challenges small businesses face in navigating the complex landscape of cybersecurity threats. Based in East Sussex, we offer managed IT support and cyber security services tailored for SMEs across Sussex, Kent, and Surrey. If you’re concerned about the implications of this vishing threat or need assistance with Microsoft 365 security, we invite you to get in touch with us for a consultation.

Based on reporting from BleepingComputer.

Hanoto AI Assistant
● Online
πŸ‘‹ Hello! I'm your AI assistant from Hanoto Technology. I can help you understand how AI can transform your business!
Just now