AI campaigns beat phishing tests
Researchers showed that AI-driven campaigns can compromise accounts more effectively than traditional phishing methods, according to a Campus Technology summary shared on social media. The finding raises new questions about how AI changes the threat landscape for account security and digital campaigns. (x.com)
Phishing usually works by stealing a password. Microsoft said a new campaign worked better by getting people to authorize the attacker directly through a real sign-in flow. (microsoft.com)

The campaign used “device code” sign-in, a Microsoft authentication method built for devices like televisions and printers that cannot type a full password easily. Victims were sent a code and a real Microsoft login page, and entering that code approved the attacker’s session without handing over a password. (microsoft.com)

Microsoft Defender researchers said on April 6 that the operation paired that legitimate sign-in method with generative artificial intelligence, automated infrastructure, and on-demand code creation. Campus Technology summarized the finding on April 13 as a shift from password theft to abuse of trusted authentication systems and tokens. (microsoft.com) (campustechnology.com)

The key change was timing. Microsoft said attackers generated device codes when a victim clicked, which let them avoid the usual 15-minute expiration window that limits older device-code phishing attempts. (microsoft.com)

The lures were tailored to the target’s job. Microsoft said the emails used themes such as requests for proposals, invoices, and manufacturing workflows, and Campus Technology said the reconnaissance phase often started 10 to 15 days before the phishing message arrived. (microsoft.com) (campustechnology.com)

Once a victim approved the login, the attackers got authentication tokens, not passwords. Microsoft said those tokens were then used for email theft, Microsoft Graph reconnaissance, and inbox rules that hid or redirected messages to keep access in place. (microsoft.com)

Microsoft linked the activity to the rise of EvilToken, which it described as a phishing-as-a-service toolkit behind large-scale device-code abuse. The company also said the campaign used short-lived polling nodes on Railway to scale the operation and make pattern-based detection harder. (microsoft.com)

That fits a broader pattern in phishing research: generative artificial intelligence lets attackers send many different messages instead of one template blasted to everyone. A 2024 paper from Kansas State University researchers said that variability makes scam emails harder for security systems to flag before they reach users. (arxiv.org)

Security vendors have also been publishing larger estimates of the shift. Dashlane, citing a Harvard Kennedy School study, said AI-powered phishing campaigns reached a 54% success rate versus 12% for traditional attacks, though that figure comes from a vendor summary rather than Microsoft’s April 2026 campaign report. (dashlane.com)

Microsoft’s account of this campaign points to a narrower problem than “better emails.” The attack worked because the fake prompt led to a real authorization step, so users who avoided bad links and weak passwords could still be tricked into granting valid access. (microsoft.com)
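Because the tokens obtained this way are valid, the detection opportunity described above is not the sign-in itself but what follows it: inbox rules that hide or redirect mail created shortly after a device-code sign-in. The script below is an added example, not code from Microsoft or Campus Technology. It correlates constructed sign-in events with constructed inbox-rule creation events; the field names (`protocol`, `MoveToFolder`, `RedirectTo`, and so on) are assumptions loosely modelled on Entra ID sign-in logs and Exchange Online `New-InboxRule` audit records, not a real export format.

```python
"""Added example (not Microsoft's or Campus Technology's code): flag inbox rules
that hide or redirect mail when they appear shortly after a device-code sign-in.

The records below are constructed. Their field names are loosely modelled on
Entra ID sign-in logs (authentication protocol) and Exchange Online audit
records for New-InboxRule, but the schema here is an assumption for the
example, not a real export format.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# Folders commonly used to park diverted mail where the mailbox owner rarely looks.
HIDE_FOLDERS = {"rss feeds", "rss subscriptions", "deleted items", "junk email",
                "conversation history", "archive"}
# Rule actions that send copies of mail somewhere else.
FORWARD_ACTIONS = ("ForwardTo", "ForwardAsAttachmentTo", "RedirectTo")


@dataclass
class SignIn:
    user: str
    time: datetime
    protocol: str  # assumed values, e.g. "deviceCode" or "authorizationCode"
    ip: str


@dataclass
class InboxRuleEvent:
    user: str
    time: datetime
    params: dict = field(default_factory=dict)  # New-InboxRule parameters (assumed shape)


def rule_reasons(params: dict) -> list[str]:
    """Return the reasons a rule looks like it hides or redirects mail (empty if benign)."""
    reasons = []
    folder = str(params.get("MoveToFolder", "")).lower()
    if folder in HIDE_FOLDERS:
        reasons.append(f"moves mail to '{folder}'")
    for action in FORWARD_ACTIONS:
        if action in params:
            reasons.append(f"{action} -> {params[action]}")
    if params.get("DeleteMessage"):
        reasons.append("deletes matching mail")
    if params.get("MarkAsRead") and reasons:
        reasons.append("also marks mail as read")
    return reasons


def correlate(signins, rules, window=timedelta(hours=24)):
    """Pair each suspicious rule with a device-code sign-in by the same user
    that happened within `window` before the rule was created."""
    device_signins = [s for s in signins if s.protocol.lower() == "devicecode"]
    findings = []
    for rule in rules:
        reasons = rule_reasons(rule.params)
        if not reasons:
            continue
        for s in device_signins:
            gap = rule.time - s.time
            if s.user == rule.user and timedelta(0) <= gap <= window:
                findings.append({
                    "user": rule.user,
                    "signin_ip": s.ip,
                    "minutes_after_signin": int(gap.total_seconds() // 60),
                    "reasons": reasons,
                })
    return findings


# Constructed sample events (all addresses and IPs are documentation ranges).
T0 = datetime(2026, 4, 6, 9, 0)
SIGNINS = [
    SignIn("alice@example.com", T0, "deviceCode", "203.0.113.10"),
    SignIn("bob@example.com", T0, "authorizationCode", "198.51.100.7"),
    SignIn("carol@example.com", T0, "deviceCode", "203.0.113.11"),
]
RULES = [
    # Created 20 minutes after alice's device-code sign-in: hides invoice/RFP mail.
    InboxRuleEvent("alice@example.com", T0 + timedelta(minutes=20),
                   {"SubjectContainsWords": ["invoice", "RFP"],
                    "MoveToFolder": "RSS Feeds", "MarkAsRead": True}),
    # Ordinary filing rule by bob: normal folder, normal sign-in protocol.
    InboxRuleEvent("bob@example.com", T0 + timedelta(minutes=5),
                   {"From": "newsletter@example.net", "MoveToFolder": "Reading"}),
    # Suspicious rule, but three days after carol's sign-in: outside the window.
    InboxRuleEvent("carol@example.com", T0 + timedelta(days=3),
                   {"RedirectTo": "external-mailbox@example.org"}),
]


def run() -> list[dict]:
    return correlate(SIGNINS, RULES)


if __name__ == "__main__":
    for f in run():
        print(f"{f['user']}: rule {f['minutes_after_signin']} min after device-code "
              f"sign-in from {f['signin_ip']}: {'; '.join(f['reasons'])}")
```

On the constructed data only alice's rule is reported: it lands 20 minutes after a device-code sign-in and moves mail into a hiding folder. Bob's rule files mail normally after an ordinary sign-in, and carol's redirect rule, although suspicious on its own, falls outside the 24-hour correlation window, which is the kind of case a second, rule-only detection should cover.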