Warning! This Microsoft 365 feature can be used to steal your passwords

BleepingComputer reports that hackers have caught on to Direct Send, a relatively little-known feature in Microsoft 365 that is mainly intended for printers and on-premises scanners that must send emails as if they came from the organization's own domain.
According to security company Varonis, hackers use Direct Send to send malicious emails that appear to come from a known sender. The emails contain a link to a fake Microsoft form, and when the recipient enters their login details, those details are intercepted.
Since May 2025, around 70 companies and organizations have been affected by the phishing campaign, mainly in the United States.
According to Microsoft, Direct Send is a secure feature, but it requires users to configure the right settings and properly lock down their smart host, which does not always happen. “We recommend Direct Send only for advanced customers ready to assume the responsibilities of email server administrators,” explains Microsoft.
To minimize the security risks involved, affected users are encouraged to enable the new “Reject Direct Send” setting in the Exchange admin center, which was introduced in April 2025.
This article originally appeared on our sister publication PC för Alla and was translated and localized from Swedish.