Will poisoned Office 365 searches affect me outside Canada?

Absolutely — tactics are portable. Any employee with email/payroll access is game.

How do I know if I'm hit by AiTM attacks ?

Check sign-in logs for odd user-agents, repeated non-interactive logins, or mystery inbox rules.

Can passkeys really stop paycheck theft?

Yes — FIDO2 binds to legit sites, blocking proxies cold. Upgrade now.

Hackers Poison Office 365 Searches to Siphon Canadian Paychecks

A single mistyped search for Office 365, and your paycheck could land in a hacker's pocket. Microsoft's Storm-2755 crew pulls off payroll heists with chilling precision.

theAIcatchup Apr 10, 2026 3 min read

Fake Office 365 login page from poisoned search results leading to paycheck redirection

⚡ Key Takeaways

Storm-2755 poisons Office 365 searches to proxy sessions and steal paychecks via HR emails. 𝕏
AiTM bypasses standard MFA; switch to FIDO2 passkeys for real protection. 𝕏
Monitor logs for Axios agents and inbox rules hiding financial keywords. 𝕏

Published by

theAIcatchup

Threat intelligence. Zero noise.

#AiTM attacks #Office 365 phishing #Storm-2755 #payroll theft

Worth sharing?

Get the best Cybersecurity stories of the week in your inbox — no noise, no spam.

Originally reported by HelpNet Security

⚡ Key Takeaways

The 60-Second TL;DR

theAIcatchup

Share this article

Worth sharing?

Related Stories

Storm-2755's Payroll Pirates: Hijacking Canadian Paychecks via Session Theft

Payroll Pirates Steal Microsoft Salaries in Canada: The AiTM Hijack Exposed

Russian Military's SOHO Router Hack Turns Home Networks into Spy Hubs

Figure Breach: When 967K Emails Turn MFA into a Speed Bump

Stay in the loop