EvilTokens is revolutionizing business email compromise by combining stolen Microsoft 365 tokens, automation, and AI. This new platform lets anyone launch targeted BEC attacks in minutes, signaling a dangerous shift in cybercrime tactics.
A new phishing-as-a-service kit called EvilTokens is arming cybercriminals to hijack Microsoft accounts and automate business email compromise attacks worldwide, with advanced features and expanding capabilities.
EvilTokens is revolutionizing phishing attacks by exploiting Microsoft’s device code flow and automating business email compromise at scale. Discover how this service works, who it targets, and why it signals a new era of industrialized cybercrime.