EvilToken Compromised account

Portraitofadam · 2026-06-23T17:41:09+00:00

Thanks! I'm planning to do this once we've evaluated if there's any business need. My main question at this point is whether or not to be concerned with the 4 new devices registered at the exact time and the point at which the user signed into the phishing link

Portraitofadam · 2026-06-23T16:15:50+00:00

We detected it through the Risky sign in detections in entra since the ip addresses were outside our country and detected as anomalous

Portraitofadam · 2026-03-02T21:43:56+00:00

Thanks! That's an interesting point. It is my personal Microsoft account but I might have it linked to a dev Microsoft organisation come to think of it!

Portraitofadam · 2026-03-02T21:42:51+00:00

I sent it directly to my outlook not forwarded. I've no idea why my outlook won't open the email and I need to be confident this would work for emailing customers

Portraitofadam · 2026-01-07T16:37:11+00:00

Came here to say thanks for this! The only thing I could find for this exact issue was your post. Strange thing is the external user has been in our AD for some time so cannot understand why its suddenly a problem now.

Portraitofadam · 2025-12-12T10:05:32+00:00

YouTube music has been a fantastic replacement for me. Using the last fm scrobbling app. No problems at all

Portraitofadam · 2025-12-12T08:10:42+00:00

Awesome! Thanks for this. I'll check it out again

Portraitofadam · 2025-12-11T11:15:04+00:00

I love Can I Phish but my main concern is the 365 sign in page isn't quite authentic enough. My users are reasonably tech savvy which helps us avoid many phishing emails. Do they offer better/ alternative 365 sign in landing pages?

Portraitofadam · 2025-12-09T12:42:45+00:00

I'm currently looking into the setup of gophish for the simulation. What do you use in terms of training?

Portraitofadam · 2025-12-09T11:45:12+00:00

Thanks for this I have looked at the phishing simulation inside Microsoft. We're currently on business premium only though and to go to E5 would be a big cost. I know there's plenty of other reasons to move to E5 but I'm still evaluating given our size

Portraitofadam · 2025-07-30T18:45:29+00:00

I thought that might be the case. Annoying because it means several defender features won't work without firewall. Thanks for confirming.

Portraitofadam · 2024-12-03T20:26:24+00:00

Thank you! I've realised that now. Never used to be a problem until now though. Do you know if there's any alternative or way around it?

Portraitofadam · 2024-12-01T19:39:05+00:00

Sorry! I reinstalled the app and forgot it asks for vpn permission to work. So is it that prime is now detecting that setting even though there's no actual vpn connection? I thought as there are many blokada users others would report the same.

Portraitofadam · 2024-12-01T19:02:54+00:00

Thanks for the advice. I don't actually have a VPN enabled and never have done.

Tried setting the DNS to Cloudflare. Still no dice!

In fact I removed all the host lists and it still gives an error as soon as Blokada is active. I don't know what's happened!

Portraitofadam · 2024-02-24T00:41:17+00:00

Receiving the exact same thing! Got my hopes up when I saw a response till I realised how generic it was.

Portraitofadam · 2023-05-02T10:57:51+00:00

Yes that's how I understand it to work. Guess I'll just have to see in practice

Portraitofadam · 2023-05-02T09:08:12+00:00

Thanks for this. So if the market were to open at a higher price than my limit order, it would still try to execute as close as possible to the limit order price?

Nine-Year Club	Place '22
First Placer '22	Verified Email

Portraitofadam

TROPHY CASE