New Pink Extortion Group Targets Microsoft 365 Cloud Data Via Vishing Scams

The Pink Extortion Group utilizes voice phishing to manipulate employees into revealing credentials, allowing them to bypass multi-factor authentication and steal sensitive Microsoft 365 cloud data. By impersonating IT staff, these threat actors gain unauthorized access to corporate environments to conduct financial extortion.