BleepingComputer reports that hackers have become aware of Direct Send, a relatively unknown feature in Microsoft 365 that’s primarily intended for use by on premises printers and scanners that need to send emails as if they were sent from the organization’s domain. According to security firm Varonis, hackers are using the Direct Send feature to send malicious emails that appear to come from a known sender. The emails contain a link to a fake Microsoft form, and when the recipient...
