February 13, 2025 KEY TAKEAWAYS Volexity has observed multiple Russian threat actors conducting social-engineering and spear-phishing campaigns targeting organizations with the ultimate goal of compromising Microsoft 365 accounts via Device Code Authentication phishing. Device Code Authentication phishing follows an atypical workflow to that expected by users, meaning users may not recognize it as phishing. Recent campaigns observed have been politically themed, particularly around the new admin...