Over the past three months, our threat analysts have noticed a significant spike in attackers abusing Microsoft 365’s Direct Send feature—a tool intended for devices like printers or scanners to send internal emails without authentication. Unfortunately, threat actors have found a way to exploit this convenience, slipping past critical email security checks like SPF, DKIM, and DMARC.

The post Inside Job: Attackers Are Spoofing Emails with M365’s Direct Send appeared first on Security Boulevard.

James Savard

Source: Security Boulevard
Source Link: https://securityboulevard.com/2025/07/inside-job-attackers-are-spoofing-emails-with-m365s-direct-send/?utm_source=rss&utm_medium=rss&utm_campaign=inside-job-attackers-are-spoofing-emails-with-m365s-direct-send