#Microsoft

The empowsec blog publishes articles on security awareness, phishing prevention, social engineering, employee training, and cybersecurity news.

Read current insights, practical guides, and updates for teams working to reduce human security risk.

Topics covered

The blog covers phishing simulations, training programs, reporting behavior, password security, data protection, remote work, and security culture.

#Microsoft

Security awareness tips, industry news, and product updates.

Security team reviewing a suspicious compliance email on a laptop

Phishing & Social EngineeringSecurity Awareness TipsThreat Intelligence

Microsoft AiTM Phishing Alert: Lessons for US Teams

Microsoft is warning US organizations about a sophisticated code-of-conduct phishing campaign using PDFs, CAPTCHA gates, and AiTM token theft. Here is what security teams should watch for next.

Rachel Andersen·5/6/2026·7 min read