BOOK A CALL WITH US

Microsoft: Criminals can access your accounts without your password

Microsoft: Criminals can access your accounts without your password

Have you ever felt like just when you’ve nailed your cyber security – BAM! – something new comes along to throw a spanner in the works?

That’s exactly what’s happening right now.

There’s a new scam doing the rounds. And it’s catching out businesses just like yours.

The worst part?

Cyber criminals don’t even need your password.

Scary…

It’s called device code phishing. It’s a clever trick that’s becoming more and more popular. Microsoft recently flagged a wave of these attacks, and we’re likely to see many more.

This one’s different to the usual phishing scams you’ve probably heard about. Normally, phishing is all about tricking people into giving away their usernames and passwords on fake websites.

But with device code phishing, scammers play a smarter game.

Instead of stealing your password, they get you to voluntarily give them access to your account. And they do it using real Microsoft login pages, so it looks totally legit.

It usually starts with a convincing email. Maybe it looks like it’s from your HR person, or a colleague, inviting you to a Microsoft Teams meeting. You click the link, and it takes you to a real Microsoft login screen.

Nothing seems out of place.

You’re asked to enter a code. Just a short one, called a “device code.” This code is supplied in the email, and you’re told it’s needed to join the meeting or finish logging in.

Here’s the catch: By entering that code, you’re not logging yourself in… you’re logging them in.

You’re unknowingly giving the attacker access to your Microsoft account on their device. And because the login goes through the proper channels, it can even bypass multi-factor authentication (MFA).

Yep, even if you’ve got extra security in place, they might still get in.

Once they’re in, they can do a lot of damage. Reading your emails, accessing your files, even using your account to trick others in your company. It’s like handing over the keys to your office and you don’t even realise it.

It’s dangerous because it doesn’t look suspicious. You’re on a real Microsoft site, not some suspicious fake. You didn’t click a weird link or enter your password into a phishing form. Everything looks above board… except it’s not.

And because attackers are using legitimate Microsoft login flows, traditional security tools don’t always catch it.

Plus, once they’re in, they can stay in. They don’t need to keep logging in if they’ve captured your session token (that’s a sort of digital “pass” that keeps you logged in behind the scenes). So even changing your password won’t necessarily kick them out right away.

A big question then: How can you protect your business?

Start by getting your team to be extra cautious with login requests. Especially ones that involve entering codes. If you get a device code from someone, stop and think: Did I request this? Do I know for sure this is real?

If you’re not sure, don’t go through with it. Use a separate method, like a direct phone call or your company’s messaging system, to double-check with the person who sent the email.

Remember, real Microsoft logins don’t involve someone else giving you a code to enter. If that ever happens, it’s a red flag.

From a technical side, your IT team (or IT provider) can also tighten things up. If your business doesn’t need device code login as part of its daily operations, it’s safest to turn it off altogether. They can also put in place extra security rules that only allow logins from trusted locations or devices.

And finally, keep training your people. Good cyber security is about awareness. If your team knows what to look out for, they’re much less likely to fall for these kinds of tricks.

Can we help you tighten up your security? Get in touch.

May I take this opportunity in thanking you for your prompt action in dealing with our hardware problem last week. We were in jeopardy of not being able to pay some clients employees at the end of last month and although we needed to work additional hours we fulfilled our deadlines on time.
Infinity Business Solutions - a company aptly named! They always provide solutions, they're always business like and offer no end of help and advice. It gives us great confidence to know that Infinity are on board.
I just wanted to say thank you for all the hard work put in supporting our systems It is really appreciated that you are on the ball  and I really feel that we can rely on Infinity when it counts.
The staff at Infinity are always cheerful, courteous & helpful and pretty much resolve problems first time. Nothing is ever too much problem and they even are prepared to help outside of hours when urgent help is needed. Keep up the good work...and don't lose the personal touch!
Infinity understand that down time is the most important issue and do all they can to ensure that our staff have minimal down time when experiencing problems.
Infinity understand that down time is the most important issue and do all they can to ensure that our staff have minimal down time when experiencing problems.
You don’t know how good it is not having SPAM arriving every 3 minutes! I’ve received no SPAM since 4pm yesterday ... nothing in my Inbox, Junk Mail folder or caught by the SPAM controls within Exchange. Perfect!
Having benefitted from Infinity’s support since 2013, we remain impressed with their technical ability and focused approach to keeping our IT systems updated and working as they should. After using a larger IT support company we chose Infinity because of their size, with them being big enough to cope, but small enough to care. We made the right choice - the quality of their service has always been excellent, and we’ve come to regard them as part of the team.
Unfortunately our business suffered a ransomware attack however thanks to Infinity’s support we were able to get by with minimal downtime. Rob and the team worked tirelessly throughout Friday and Monday and over the weekend to ensure we weren’t left negatively affected by the event. We were very glad for the great back ups and systems that we had invested in thanks to Infinity’s past recommendations.
Ruth D.
08:27 13 May 25
Great, professional service on every communication - thank you
Julie H.
08:45 26 Feb 25
Infinity have always responded to my IT queries with minimal delay and are so knowledgeable. I am a real 'technophobe' and they are always so friendly and supportive to my needs, as sometimes I feel embarrassed by my lack of basic IT knowledge, however they always put me at great ease and resolve my queries effectively and efficiently. Highly recommend.
Josh M.
09:32 17 May 24
We had an urgent issue with our servers and were in need of a local IT Company to help us rectify the issue. Infinity were straight on the case, Martin and his team were able to come and fix the issue on the same day, fantastic customer service and would recommend for anyone looking for IT support. Couldn't recommend highly enough.
Anna G.
22:08 07 Jan 24
Thank you team for dealing with my issue so quick. A member of staff was on the case immediately when it was reported and managed to resolve the problem asap. With nearly 10 years of using their service, I can say with no doubt that this is a very reliable company which provide an outstanding service. I recommend them and would make a business with them if I had my own company.
David M.
13:31 08 Nov 23
Infinity know our business inside out, which is extremely helpful when new users come on board. When ever we raise a support ticket thier professionalism and expertise is always evident. I would recommend Infinity Business Solutions to anyone that is looking for an IT company that sets the standard of excellence.
Michelle C.
10:19 18 Oct 23
We have been with Infinity Business Solutions for a few years now, so have built a great relationship with them. They are obviously very helpful and very good at sorting out your issues.For me, where they go the extra mile is that they take time to get to know you and your company and it's like having a systems team on hand working just for you.
Sabrina *
08:07 06 Oct 23
The Infinity Business Solutions Team truly impressed me! Their professional approach and problem-solving mentality are outstanding. Thanks to their support, I was able to successfully resolve my issue. I also greatly appreciate their accessibility and the friendly collaboration with this team. Overall, I am extremely satisfied and highly recommend their services.
Katie B.
20:00 03 Oct 23
Kris was extremely helpful with supporting in trouble shooting issues and hotspoting maintenance. Would recommend these guys great knowledge and reliable service
Mark J.
11:16 03 Oct 23
We started working with the splendid people at Infinity Business Solutions several months ago and immediately they saved us a considerable amount of money. Since then, they have been super quick in responding to our queries and concerns and we are already exploring ways we can work more closely with them.We have total confidence in them looking after our IT and cyber security which are not only critical to the well being of our business, but also our own!We highly recommend a conversation with them.
Jenny B.
17:50 29 Sep 23
Following an introduction to Martin via the friendly yet professional service of Stacey I was assured by the simple yet knowledgeable advice given to enhance my IT systems.Thank you and I would be pleased to recommend Infinity to other small businesses in need of IT support.
Lana mkw S.
12:16 27 Sep 23
My internet and outlook were not working on my computer, contacted the team who not only resolved the issue but it was done ‘painlessly’, quickly with very clear instructions. Thank you all so much
rebecca B.
16:19 25 Sep 23
Thank you so much to Rob and Kris for fixing my recent email issues, very friendly and efficient and didn't give up until the problem was solved!!
John R.
14:19 25 Sep 23
Fast response, fantastic service, knowledgeable and very friendly. Have known & used them for many years and they have always been the same. Wouldn't hesitate to recommend them.
KUKILA P.
07:50 25 Sep 23
Impeccable service every time by Infinity. Each and every team member are extremely patient and kind... I am not an IT pro and Rob and Kris patience is TOP LEVEL.... They deserve a MILLION stars not 5 THANK YOU VERY MUCH FOR YOUR PATIENCE AND KINDNESS
Karen
08:08 19 Jul 23
Rob is a star!! My son was having issues where the gaming was just not running to the speed it should be, we had exhausted all other options and Rob was very knowledgeable and it’s now fixed and I have a very happy son again :) Thank you 😊
Kara S.
13:43 27 Jun 23
From start to finish, the team at IT were approachable and knowledgeable. They took a stressful situation where I had accidentally lost my Inbox and systematically worked through it until they found a resolution that worked. Highly recommend them.
Karen F.
15:51 07 Mar 23
Rob, the Ops Director at Infinity worked his magic on my laptop yesterday which had been running run time errors and annoying space issues for a long time. I had been living with it driving me mad, so it was such a quick and easy process for Rob. He talked me through things too, so that I understood what he was doing. Don't live with those laptop glitches. Book an appointment with Infinity Business Solutions. Highly recommended.
Richard B.
19:52 02 Dec 20
My laptop was performing well below it’s best and slowing down all my day to day tasks and putting pressure on my effective use of time. But after a very product call with Kris from the support team he dialled into my system and put all the wrongs right. Fantastic outcome with no fuss. Thank you Infinity BS.
Andrea B.
19:43 02 Dec 20
Great service , professional and friendly, always happy to help.
Warrick S.
15:39 09 Sep 20
Good guys and excellent service. Will go the extra mile to resolve an issue.
Stephen R.
09:49 18 Mar 19
We've worked with Infinity BS for a number of years and would highly recommend their services. The attention to detail and technical experience is fantastic.
Andy N.
16:28 11 Sep 14
The company I work for have used Infinity for many years and I personally have worked with them over the past 12 months. They are by far the best IT support company I have dealt with, always willing to go the extra mile with inevitable software issues and third party communications. All a pleasure to deal with, particularly Rob and Martin who are particularly knowledgable.
js_loader

NAVIGATION

FOR CUSTOMERS

FOLLOW US

OUR LOCATION

Infinity Business Solutions Ltd
5 Arlington Square
Bracknell
Berkshire
RG12 1WA
tel: 0118 3130 300 / 01344 302 300

© 2025 Infinity Business Solutions Ltd