The Telegram-distributed service combines AI-assisted lures with device-code phishing and attacker-side session refresh, complicating containment after an account is breached.
A newly documented phishing-as-a-service platform distributed through Telegram is lowering the technical barrier to Microsoft 365 account takeovers by giving less-skilled attackers automated tools to evade some authentication controls and retain access after compromise.
The platform, called Forg365, uses AI-assisted lure creation alongside device-code abuse and adversary-in-the-middle techniques, according to research published by security company ZeroBEC.
Forg365 was offered with a five-day free trial, followed by subscriptions priced at $400 per month or $3,800 per year, the researchers said.
Customers can build phishing lures and control email delivery through a single operator panel. They can also manage captured account data and monitor compromised Microsoft 365 mailboxes. The service includes templates that impersonate widely used business platforms such as DocuSign, Adobe Acrobat Sign, SharePoint, and OneDrive.
“Phishing-as-a-service has been around for quite a few years,” said Jonathan Ong, senior analyst for managed security services at Omdia. “But the degree to which AI is integrated into Forg365 and enables users is what makes it concerning.”
Forg365’s significance lies in the industrialization and productization of the operator workflow, according to Devashri Datta, a cybersecurity researcher. “It integrates AI-assisted lure creation, evasion, and post-compromise mailbox operations into a subscription service distributed through Telegram,” Datta said.
How Forg365 works
ZeroBEC said the campaign it investigated began with an email built around a business-document and remittance-approval pretext. The message relied on legitimate cloud and email services before sending the recipient through several redirects.
Forg365 classified visitors before deciding whether to display a device-code phishing page, an adversary-in-the-middle flow, or a harmless decoy.
In the device-code attack, the victim is directed to a legitimate Microsoft authentication process and persuaded to enter a code that authorizes a session controlled by the attacker. The involvement of genuine Microsoft infrastructure can make the request appear credible.
The platform can also relay authentication through an adversary-in-the-middle attack and capture session information. ZeroBEC said suspicious visitors were diverted to a benign page, helping the operators conceal the phishing flow from researchers and automated security tools.
Complicating incident response
A browser extension called ForgCookie allows attackers to generate and refresh Microsoft single sign-on cookies from their own browsers, ZeroBEC said.
Forg365 also advertises tools for keeping sessions active and monitoring a compromised inbox. Read-only access to the mailbox can then be shared through a password-protected link.
As a result, resetting a password may not remove the attacker. Stolen refresh-token material or an attacker-controlled session could remain usable after the password is changed. Any devices registered during the compromise must also be investigated.
“CISOs should treat two controls as co-equal priorities rather than sequential ones,” Datta said, referring to tightly restricting device-code authentication and deploying phishing-resistant MFA such as FIDO2 or WebAuthn passkeys.
Organizations that do not require device-code authentication should consider blocking it in Microsoft Entra ID, said Keith Prabhu, founder and CEO of Confidis. This can disrupt the device-code component of a Forg365 campaign, although it would not stop attacks that rely on adversary-in-the-middle techniques or stolen session cookies.
Companies that still depend on device-code authentication should identify legitimate uses before imposing a broader restriction. Exceptions may be needed for some command-line tools, conference-room systems or other devices with limited input capabilities.
Deploying phishing-resistant authentication may also require hardware security keys or managed smartphones and could increase support requests during the transition, Datta said.
After detecting a compromise, response teams should revoke active refresh tokens and terminate existing sessions. Prabhu also recommended reviewing and revoking unauthorized OAuth permissions. Because ForgCookie runs in the attacker’s browser, defenders should look for repeated silent sign-ins and non-interactive Microsoft Graph activity from unfamiliar addresses, according to ZeroBEC.
Mailbox forwarding rules and delegated access should be reviewed for unauthorized changes, Prabhu said. Such changes could allow attackers to monitor communications or retain access after a password reset.
“IR teams should audit newly registered devices and remove any that cannot be attributed to the user,” Datta said. Teams should also check whether an attacker enrolled an unauthorized authenticator application or passkey during the compromise, she added.
ZeroBEC found that some devices registered during its investigation had names beginning with “Forg365,” giving defenders a possible indicator of compromise.
Facts Only
Forg365 is a phishing-as-a-service platform distributed through Telegram.
The service targets Microsoft 365 accounts.
Forg365 utilizes AI-assisted lure creation and device-code phishing.
The platform employs adversary-in-the-middle techniques to capture session information.
Subscription pricing is $400 per month or $3,800 per year, following a five-day free trial.
Lure templates impersonate DocuSign, Adobe Acrobat Sign, SharePoint, and OneDrive.
ForgCookie is a browser extension used to generate and refresh Microsoft single sign-on cookies.
The service provides tools to monitor compromised mailboxes and share read-only access via password-protected links.
ZeroBEC is the security company that published the research.
Some registered devices in the investigated campaign began with the name "Forg365."
Executive Summary
Forg365 is a subscription-based phishing-as-a-service platform that lowers the technical barrier for attackers to compromise Microsoft 365 accounts. By integrating AI for lure creation and utilizing Telegram for distribution, the service allows low-skill operators to automate the process of evading authentication controls. The platform employs a multi-pronged attack strategy, switching between device-code phishing, adversary-in-the-middle flows, and decoy pages based on the target's profile.
A critical challenge for incident response is the use of the ForgCookie extension and stolen refresh tokens, which can maintain attacker access even after a password reset. Security experts recommend a dual-priority defense: blocking device-code authentication where unnecessary and deploying phishing-resistant MFA, such as FIDO2 or WebAuthn passkeys. Recovery requires not only password changes but also the revocation of active sessions, audit of registered devices, and review of mailbox forwarding rules and OAuth permissions.
Full Take
The strongest version of this narrative is that the "industrialization" of phishing—shifting from bespoke attacks to a scalable, AI-enhanced subscription model—creates a systemic risk where the volume of attacks may outpace traditional defense updates.
The primary pattern here is the democratization of sophisticated cyber-weaponry. By abstracting the complexity of session hijacking and token refresh into a user-friendly dashboard, Forg365 transforms a highly technical exploit into a commodity. This echoes the historical shift from manual malware coding to the "Ransomware-as-a-Service" (RaaS) model. The underlying assumption is that the "human element" remains the weakest link, and AI is simply the tool to optimize the exploitation of that weakness.
The second-order consequence is a forced migration toward "phishing-resistant" hardware. While this increases security, it creates a new dependency on physical tokens or managed hardware, potentially increasing the support burden on organizations and creating a friction point for user productivity. The benefit accrues to security vendors and hardware manufacturers, while the cost is borne by the end-user in the form of reduced convenience and increased surveillance of their registered devices.
Patterns detected: none
If this were a coordinated influence campaign, the playbook would use the "fear of AI" to drive urgent, panic-based procurement of specific security products, framing the threat as an unstoppable autonomous force rather than a tool used by human operators. The actual content avoids this by providing specific, actionable technical remediations.
Bridge Questions:
1. If the technical barrier to entry continues to drop, does the solution lie in better technology, or in a fundamental redesign of how we trust digital identity?
2. To what extent does the focus on "AI-assisted" lures distract from the more fundamental architectural vulnerabilities of the device-code flow itself?
3. How does the reliance on "phishing-resistant" hardware change the power dynamic between an employee and their IT department?
Sentinel — Human
The article presents detailed findings from a specific security research investigation, supported by multiple expert quotes, suggesting it is rooted in direct analysis rather than pure synthetic generation.
