General
The Clone Intervention Screen provides users with a visual warning when they visit a malicious copy of the Microsoft login page. This feature helps prevent users from entering their login credentials on fake login pages, protecting them against AiTM (Adversary-in-The-Middle) phishing attacks.
The feature is part of a broader set that collectively forms Login Protection. Read the overarching story here: Attic Login Protection.
Rationale
AiTM attacks are advanced phishing techniques where attackers create fake login pages that appear identical to legitimate Microsoft 365 login pages. These attacks are particularly dangerous because they can bypass traditional security measures such as multi-factor authentication.
Attic Fix
For this check, an automated FIX is available! This fix does not depend on permissions in your Microsoft environment because the configuration is fully managed within the Attic system. It will therefore be offered regardless of your onboarding type in the Microsoft environment.
Impact
This change has the following impact on users and administrators:
- Users will see a visual warning when they visit malicious clone pages
- No impact on legitimate Microsoft login pages
Comments
0 comments
Please sign in to leave a comment.