The Microsoft 365 “Direct Send” loophole: what every business needs to know

Cybercriminals are exploiting Microsoft 365’s Direct Send feature to send emails that appear to come from inside organisations — no account takeover needed. Read how it works and the immediate steps you can take to defend your business.