Microsoft warns of a surge in phishing attacks exploiting email routing gaps | CSO Online

Microsoft warns of a surge in phishing attacks that exploit email routing gaps by abusing misconfigured MX records and weak DMARC/SPF policies to make messages appear internal, bypassing filters. Organizations can defend against this by ensuring MX records point directly to Microsoft 365 and implementing strict DMARC reject policies and SPF hard fails.