Security

Device Code Phishing: AI-Driven Campaign Escalates

3 min read

Summary

Microsoft Defender Security Research detailed a large-scale phishing campaign that abuses the OAuth device code flow using AI-generated lures, dynamic code generation, and automated backend infrastructure. The campaign raises the risk for organizations because it improves attacker success rates, bypasses traditional detection patterns, and enables token theft, inbox rule persistence, and Microsoft Graph reconnaissance.

Need help with Security?Talk to an Expert

Introduction

Microsoft has disclosed a major evolution in device code phishing, showing how attackers are combining generative AI, automation, and cloud-hosted infrastructure to compromise Microsoft accounts at scale. For security teams and Microsoft 365 administrators, this matters because the campaign targets legitimate authentication flows rather than stealing passwords directly, making it harder to detect with traditional controls.

What’s new in this campaign

According to Microsoft Defender Security Research, the activity builds on earlier device code phishing tradecraft but adds several important advances:

  • AI-enabled phishing lures: Attackers used generative AI to create highly personalized emails tied to job roles and business scenarios such as invoices, RFPs, and manufacturing workflows.
  • Dynamic device code generation: Instead of relying on pre-generated codes that expire in 15 minutes, the device code is created only when the user clicks the phishing link.
  • Automated cloud infrastructure: Threat actors used platforms such as Railway, Vercel, Cloudflare Workers, and AWS Lambda to deploy short-lived infrastructure and redirect chains.
  • Blended-in traffic: Redirects through trusted cloud services help the activity avoid simple blocklists and reputation-based defenses.
  • Post-compromise token abuse: Once a victim completes the device login flow, attackers use the token for email exfiltration, inbox rule creation, and Microsoft Graph reconnaissance.

Why this is different

Traditional phishing usually tries to capture credentials. In this case, the attacker tricks the user into approving a legitimate Microsoft device login session that the attacker initiated. Because the authentication happens on Microsoft’s real device login page, users may be less suspicious, and MFA can be less effective if the session is not strongly bound to the original context.

Microsoft also links this trend to EvilToken, a phishing-as-a-service toolkit driving broader device code abuse. The use of automation and AI marks a significant step up from the Storm-2372 campaign documented in 2025.

Impact on IT administrators

Security and identity teams should expect:

  • More convincing phishing emails targeting high-value users
  • Increased abuse of legitimate OAuth and Microsoft sign-in flows
  • Token-based compromise without password theft
  • Persistence through malicious inbox rules and hidden mail redirection
  • Reconnaissance against organizational structure via Microsoft Graph

Administrators should review Microsoft’s mitigation guidance and prioritize:

  • Monitoring for suspicious device code authentication activity
  • Investigating unexpected inbox rules and token-based access patterns
  • Hardening conditional access and sign-in risk policies where possible
  • Training users to treat unsolicited device login prompts as suspicious
  • Hunting for suspicious redirects, impersonation domains, and cloud-hosted phishing infrastructure

This research is a reminder that phishing defenses must now account for legitimate authentication workflows being abused, not just fake login pages and stolen passwords.

Need help with Security?

Our experts can help you implement and optimize your Microsoft solutions.

Talk to an Expert

Stay updated on Microsoft technologies

device code phishingMicrosoft DefenderOAuthtoken theftphishing

Related Posts

Security

Cloud Security Posture Management Trends for 2026

Frost & Sullivan’s 2025 Frost Radar shows cloud security posture management is shifting from periodic compliance checks to continuous, risk-based governance within CNAPP platforms. For IT and security teams, the key takeaway is clear: prioritize tools that unify posture, identity, workload, and data signals to reduce risk faster across multicloud environments.

Security

Microsoft CSP Security: New Partner Ecosystem Protections

Microsoft outlined how it is strengthening security across its Cloud Solution Provider ecosystem to reduce partner-led attacks on customer environments. The update focuses on tighter partner vetting, mandatory tenant security requirements, least-privilege access through GDAP, and stronger monitoring and response capabilities.

Security

Microsoft Frost Radar 2026: Cloud Runtime Security

Microsoft has been named a leader in Frost & Sullivan’s 2026 Frost Radar for Cloud/Application Runtime Security, highlighting its unified approach to cloud and application risk reduction. The recognition matters to security teams because it reflects a broader market shift toward prioritizing exploitable attack paths across code, cloud, runtime, identity, and SOC workflows.

Security

Quantum-Safe Security: Microsoft Targets 2029

Microsoft is accelerating its quantum-safe security roadmap and now aims to transition critical products and services to post-quantum cryptography by 2029. The update matters because IT teams need to start cryptographic inventory, crypto-agility planning, and TLS 1.3 modernization sooner as the risk timeline for quantum attacks moves closer.

Security

Securing AI Agents: MCP Tool Poisoning Risks

Microsoft Incident Response warns that as AI agents move from reading content to taking actions, poisoned Model Context Protocol (MCP) tool metadata can silently redirect agent behavior and expose sensitive data. The guidance outlines how to detect, contain, and prevent this emerging supply chain risk using controls across Copilot Studio, Entra, Purview, Defender, and Sentinel.

Security

Microsoft Security June 2026: Key Updates for IT

Microsoft’s June 2026 security updates introduce new protections for AI agents, stronger identity recovery in Entra, expanded multicloud coverage in Defender for Cloud, and more flexible reporting in Purview. These changes matter for IT and security teams because they improve visibility, speed remediation, and help protect identities, data, endpoints, and cloud workloads across hybrid environments.