Attackers continue to adapt classic phishing techniques to exploit trusted cloud infrastructure, and Microsoft Entra tenant invitations now sit firmly in their crosshairs. In this emerging campaign, adversaries abuse Microsoft Entra tenant invitations to deliver TOAD (Telephone-Oriented Attack Delivery) lures that bypass URL-centric defenses and steer victims toward attacker-controlled phone numbers. Instead of asking users to click a suspicious link, the phish arrives as a genuine guest user invitation from invites@microsoft[.]com, complete with a plausible tenant name and fabricated billing details, which makes it far more convincing at first glance.
Shift from link-based phishing to TOAD
Telephone-Oriented Attack Delivery evolved as email security improved at catching obvious malicious URLs and attachments. In TOAD campaigns the initial email usually contains no payload at all. Instead, it pushes the victim to call a phone number, where a human or scripted operator walks them through fake support steps, credential capture, and sometimes installation of remote-access tooling. Several detailed breakdowns of TOAD trends show that callback phishing regularly evades secure email gateways because, under static analysis, the message looks harmless: text and a phone number, nothing to detonate.
Because of this shift, defenders must treat phone numbers inside cloud-delivered messages with the same suspicion they once reserved for attachment-based lures. In the Microsoft Entra tenant invitation TOAD attacks described here, that phone number sits inside a legitimate guest invitation that many users instinctively trust.
How Microsoft Entra guest invitations normally work
Under normal circumstances, Entra B2B collaboration allows administrators to invite external guests into their tenant. The platform creates a guest account, sends an invitation, and walks the external user through a redemption process so they can access Teams, SharePoint, or other resources. Microsoft's documentation explains that invitations can be sent through the Entra admin center, PowerShell, or the Graph API, and that external collaboration settings control who can invite guests and how domains are restricted. Whichever tenant creates the invitation, the email itself is sent by Microsoft from invites@microsoft.com, which is the property this campaign relies on.
Furthermore, Entra external collaboration settings include domain allowlists or blocklists, guest visibility limits, and guest permission restrictions, all of which shape how B2B invitations move between environments. Because guest access underpins many modern partnerships, organizations often keep these paths open, and attackers take advantage of that openness.
The TOAD campaign: engineering trust with fake tenants
In this specific Microsoft Entra tenant invitation TOAD campaign, adversaries create their own Entra tenants and give them names that resemble legitimate Microsoft-affiliated services, such as "Unified Workspace Team," "CloudSync," or "Advanced Suite Services." These labels look plausible enough that busy users rarely question the origin. Once the infrastructure exists, the attackers send guest invitations from invites@microsoft[.]com, relying on the fact that the sender address and Entra branding match expectations for a real collaboration invite. Because Microsoft genuinely sent the mail, SPF, DKIM and DMARC checks pass, so sender-authentication controls offer no signal here.
Inside the invitation, the message body contains a detailed scenario about a supposed Microsoft 365 annual plan renewal. The text lists fabricated reference numbers and customer IDs and quotes a three-figure US dollar charge, which looks consistent with business-grade subscription pricing. The instructions urge the recipient to call a phone number labeled as Microsoft Billing Support to dispute or confirm the charge. That number routes to an attacker-run call center instead of any legitimate Microsoft support channel.
Attack stages: from invitation to credential theft
First, the victim receives the invitation email that appears to originate from Microsoft's infrastructure. Then, the billing narrative creates urgency and fear of an unwanted charge. As soon as the user calls the number, a TOAD script takes over. Numerous analyses of callback phishing show that operators typically walk victims through verification questions, pressure them into sharing Microsoft 365 credentials, and push them into remote-support sessions using legitimate remote-access tools.
During these calls, adversaries may reset passwords, register their own devices so that they satisfy device-based Conditional Access policies, or add further multi-factor authentication methods to the account. Several public briefings on TOAD note that once attackers hold live phone control, they can sidestep many typical phishing indicators, because the victim willingly reads out codes, approves prompts, and authorizes device registrations.
Exploiting the Entra invitation message field
The campaign hinges on a design choice in the Entra invitation process rather than a bug. The guest invitation message field (the same free-form text the Graph invitation API exposes as invitedUserMessageInfo.customizedMessageBody) accepts relatively long, arbitrary text. That flexibility lets the platform carry collaboration context; however, it also lets attackers embed a complete billing story and callback script directly in the invite. Public research on this campaign notes that the attackers simply use the message field as designed; no code-execution flaw is involved.
Because the message rides inside an invite generated by Microsoft, many email security solutions treat it as benign system mail. Defenders already document that callback phishing and TOAD emails evade detection for the same reason: the content contains no obvious payload, just text and a phone number.
Indicators to hunt for in logs and telemetry
Security teams can start by reviewing email and Entra audit logs for invitations sent from invites@microsoft[.]com that include:
• Inviting tenant domains matching or resembling the attacker patterns, such as x44xfqf.onmicrosoft[.]com, woodedlif.onmicrosoft[.]com, and xeyi1ba.onmicrosoft[.]com.
• Subject lines that indicate a generic invitation to access applications within another organization's tenant.
• Message bodies that describe unexpected Microsoft 365 renewals or invoices, particularly around mid-value amounts like the three-figure USD charge in the example above.
Additionally, defenders can mine call-detail records, help desk notes, and security incident tickets for repeated reports of suspicious โMicrosoft billingโ calls that tie back to a handful of phone numbers. Multiple industry write-ups highlight how TOAD activity often clusters around small sets of VoIP numbers that attackers recycle across campaigns.
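The hunt described in the list above and the phone-number clustering in the previous paragraph, as an added example written for this article (not code from the original page or from any vendor). It scores each guest-invitation email on the independent TOAD signals the article names and then pivots on the callback number. The record shape (id, sender, subject, tenant_domain, body) is an assumed, simplified export; map your own message-trace or mail-security export onto it. The sample records, reference numbers and 555-01xx phone numbers are constructed.

```python
"""Hunt for callback-phishing (TOAD) lures delivered as Entra guest invitations.

Added example written for this article; it is not code from the original page or
from any vendor. The record shape (id, sender, subject, tenant_domain, body) is an
assumed, simplified export; map your own message-trace or mail-security export
onto it. The sample records and phone numbers below are constructed.
"""
import re
from collections import defaultdict

# Every Entra B2B invitation is sent by Microsoft from this address, whichever
# tenant created it, so the sender alone tells you nothing about legitimacy.
INVITE_SENDER = "invites@microsoft.com"

# Tenants you actually collaborate with (constructed for the example; in practice
# build this from your cross-tenant access partner list).
KNOWN_PARTNER_TENANTS = {"contoso.onmicrosoft.com"}

# Billing-renewal wording the campaign pairs with a callback number.
BILLING_RE = re.compile(
    r"\b(renewal|renew|invoice|subscription|annual plan|charged?|billing)\b", re.I)
# North-American style numbers, as in the reported lures; extend for other regions.
PHONE_RE = re.compile(r"(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}\b")
AMOUNT_RE = re.compile(
    r"(?:USD|\$)\s?\d{2,4}(?:\.\d{2})?\b|\b\d{2,4}(?:\.\d{2})?\s?USD\b", re.I)


def score_invitation(rec):
    """Return (score, reasons) for one record; anything that is not a guest
    invitation scores 0. Each independent TOAD signal adds one point."""
    reasons = []
    if rec["sender"].lower() != INVITE_SENDER:
        return 0, reasons
    body = rec["body"]
    if PHONE_RE.search(body):
        reasons.append("phone number embedded in invitation message")
    if BILLING_RE.search(body):
        reasons.append("billing/renewal wording")
    if AMOUNT_RE.search(body):
        reasons.append("currency amount quoted")
    tenant = rec.get("tenant_domain", "").lower()
    if tenant and tenant not in KNOWN_PARTNER_TENANTS:
        reasons.append(f"inviting tenant {tenant} is not a known partner")
    return len(reasons), reasons


def hunt(records, min_score=2):
    """Return [(id, score, reasons)] for records at or above min_score, highest first."""
    flagged = [(r["id"], *score_invitation(r)) for r in records]
    flagged = [f for f in flagged if f[1] >= min_score]
    return sorted(flagged, key=lambda f: f[1], reverse=True)


def normalize_phone(raw):
    """Keep the last ten digits so '+1 (555) 010-2204' and '555-010-2204' collide."""
    return re.sub(r"\D", "", raw)[-10:]


def cluster_callback_numbers(records, min_score=2):
    """Group flagged invitations by the callback number they share.

    Operators reuse a small pool of numbers across campaigns, so a number seen
    in several invitations is the pivot to take into help-desk tickets and
    call-detail records."""
    by_number = defaultdict(list)
    for rec in records:
        score, _ = score_invitation(rec)
        if score < min_score:
            continue
        for raw in PHONE_RE.findall(rec["body"]):
            by_number[normalize_phone(raw)].append(rec["id"])
    return {num: ids for num, ids in by_number.items() if len(ids) > 1}


# Constructed sample export: two lures in the style the article describes and one
# genuine partner invitation. The 555-01xx numbers are reserved fictional numbers.
SAMPLE_RECORDS = [
    {"id": "msg-001", "sender": "invites@microsoft.com",
     "subject": "You're invited to access applications in Unified Workspace Team",
     "tenant_domain": "x44xfqf.onmicrosoft.com",
     "body": ("Your Microsoft 365 annual plan has been renewed. Reference UWT-77A2Q. "
              "Amount charged: USD 429.99. To dispute this charge call Microsoft "
              "Billing Support at +1 (555) 010-2204 within 24 hours.")},
    {"id": "msg-002", "sender": "invites@microsoft.com",
     "subject": "You're invited to access applications in CloudSync",
     "tenant_domain": "woodedlif.onmicrosoft.com",
     "body": ("Invoice INV-5K3P for your subscription renewal has been posted to your "
              "account. Questions? Call billing at 555-010-2204.")},
    {"id": "msg-003", "sender": "invites@microsoft.com",
     "subject": "You're invited to access applications in Contoso",
     "tenant_domain": "contoso.onmicrosoft.com",
     "body": "Hi, adding you to our shared project site for the Q3 design review."},
]

if __name__ == "__main__":
    for msg_id, score, reasons in hunt(SAMPLE_RECORDS):
        print(f"{msg_id}: score {score} - {'; '.join(reasons)}")
    print("shared callback numbers:", cluster_callback_numbers(SAMPLE_RECORDS))
```

Run as-is, the two lures are flagged (scores 4 and 3), the genuine partner invitation scores 0, and both lures collapse onto the same normalized callback number, which is the value to search for in call-detail records and help-desk tickets. The phone regex is deliberately loose; tune it to your region and expect a few customer-ID false positives, which the other signals offset.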
Risk impact for Microsoft 365 tenants
From a risk perspective, Microsoft Entra tenant invitations TOAD attacks matter because they blend three high-impact factors. First, they rely on legitimate Microsoft infrastructure, which reduces the chance of outright blocking. Second, they drive victims directly into phone-based social engineering, where technical controls lose influence and user behavior becomes the main defense line. Third, they specifically target identity and access: the attacker wants account credentials, MFA codes, or device enrollment approvals.
As several TOAD case studies note, successful callback phishing often leads to lateral movement inside cloud tenants, data exfiltration, and business email compromise rather than just a single mailbox takeover. Once adversaries hold valid tokens and devices, many downstream controls treat them as normal users.
Security controls: strengthening Entra external collaboration
To reduce exposure, organizations should revisit Microsoft Entra external collaboration settings with TOAD in mind. Microsoft's guidance outlines how to constrain which roles can invite guests, how to restrict domains, and how to limit what guest users can see and do inside the directory. One caveat matters here: these settings govern guests coming into your own tenant. They do not stop an external tenant from inviting your users, because the invitation is generated in the attacker's tenant and delivered by Microsoft. What limits damage on the receiving side is the outbound B2B collaboration setting under cross-tenant access settings, which controls whether your users can be added as guests in other tenants; set it to block by default and allow only named partner tenants, and an attacker-tenant invitation cannot be redeemed at all. The lure email itself still arrives and has to be handled at the mail layer.
Teams can tighten guest invitation flows by limiting invitation rights to specific admin roles, applying explicit domain allowlists for B2B collaboration, and regularly reviewing guest accounts for unusual naming patterns or inactivity. Security operations centers can also run KQL hunting queries against Entra sign-in and audit logs to surface spikes in guest invitations, redemptions into tenants never seen before, or repeated invitations from newly created tenants.
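A posture check for the settings discussed in the two paragraphs above, as an added example written for this article (not Microsoft's code). It evaluates JSON in the shape of two Microsoft Graph resources, policies/authorizationPolicy and policies/crossTenantAccessPolicy/default, as I understand them from the Graph documentation; the role GUIDs are the documented guestUserRoleId values, and the weak and hardened sample documents are constructed. Verify the property names and GUIDs against current documentation, then feed in real output from Get-MgPolicyAuthorizationPolicy and Get-MgPolicyCrossTenantAccessPolicyDefault (or the REST endpoints).

```python
"""Assess an Entra tenant's guest-invitation posture against a hardened baseline.

Added example written for this article; it is not Microsoft's code. It reads JSON
in the shape of policies/authorizationPolicy and
policies/crossTenantAccessPolicy/default as I understand them from the Graph
documentation. Sample documents are constructed; role GUIDs are the documented
guestUserRoleId values. Verify both against current docs before relying on them.
"""

# Documented guestUserRoleId values, most to least permissive (assumed from docs).
GUEST_SAME_AS_MEMBER = "a0b1b346-4d3e-4e8b-98f8-753987be4970"
GUEST_LIMITED = "10dae51f-b6af-4016-8d66-8c2a99b929b3"   # tenant default
GUEST_RESTRICTED = "2af84b1e-32c8-42b7-82bc-daa82404023b"

# allowInvitesFrom values that let ordinary members or guests create invitations.
INVITE_SETTINGS_TOO_OPEN = {"everyone", "adminsGuestInvitersAndAllMembers"}


def _outbound_allows_all_users(cross_tenant_default):
    """True when the default outbound B2B policy lets every user become a guest in
    any external tenant. That is the setting which lets a user redeem an
    invitation from an attacker-controlled tenant."""
    ug = cross_tenant_default.get("b2bCollaborationOutbound", {}).get("usersAndGroups", {})
    return ug.get("accessType") == "allowed" and any(
        t.get("target") == "AllUsers" for t in ug.get("targets", []))


def assess(authorization_policy, cross_tenant_default):
    """Return a list of findings; an empty list means the baseline is met.

    The first two findings protect your own tenant as an inviting tenant and
    limit what guests can do; only the outbound finding affects whether your
    users can redeem an external tenant's invitation. None of them stop the
    lure email from being delivered."""
    findings = []
    invites = authorization_policy.get("allowInvitesFrom")
    if invites in INVITE_SETTINGS_TOO_OPEN:
        findings.append(
            f"allowInvitesFrom={invites}: ordinary members (or anyone) can invite guests "
            "into this tenant; set adminsAndGuestInviters or none")
    role = authorization_policy.get("guestUserRoleId")
    if role == GUEST_SAME_AS_MEMBER:
        findings.append("guestUserRoleId gives guests member-equivalent directory access")
    elif role == GUEST_LIMITED:
        findings.append("guestUserRoleId is the default 'limited' role; prefer restricted")
    if _outbound_allows_all_users(cross_tenant_default):
        findings.append(
            "default outbound B2B collaboration is allowed for all users: any user can "
            "redeem a guest invitation from any external tenant; block by default and "
            "allow named partner tenants via partner-specific cross-tenant settings")
    return findings


# Constructed weak configuration: open invitations, member-equivalent guests, and
# the default outbound policy that allows every user to join any external tenant.
WEAK_AUTHZ = {"allowInvitesFrom": "everyone", "guestUserRoleId": GUEST_SAME_AS_MEMBER}
WEAK_XTAP = {"b2bCollaborationOutbound": {
    "usersAndGroups": {"accessType": "allowed",
                       "targets": [{"target": "AllUsers", "targetType": "user"}]},
    "applications": {"accessType": "allowed",
                     "targets": [{"target": "AllApplications", "targetType": "application"}]}}}

# Constructed hardened configuration: only admins and guest inviters can invite,
# guests are restricted, and outbound collaboration is blocked by default (named
# partners would then be allowed through partner-specific settings, not shown).
HARDENED_AUTHZ = {"allowInvitesFrom": "adminsAndGuestInviters",
                  "guestUserRoleId": GUEST_RESTRICTED}
HARDENED_XTAP = {"b2bCollaborationOutbound": {
    "usersAndGroups": {"accessType": "blocked",
                       "targets": [{"target": "AllUsers", "targetType": "user"}]},
    "applications": {"accessType": "blocked",
                     "targets": [{"target": "AllApplications", "targetType": "application"}]}}}

if __name__ == "__main__":
    for label, authz, xtap in (("weak", WEAK_AUTHZ, WEAK_XTAP),
                               ("hardened", HARDENED_AUTHZ, HARDENED_XTAP)):
        results = assess(authz, xtap)
        print(f"[{label}] {len(results)} finding(s)")
        for finding in results:
            print("  -", finding)
```

The weak configuration yields three findings and the hardened one none. Blocking outbound collaboration by default is the one change that actually neutralizes redemption of an attacker-tenant invite; weigh it against the partnerships that rely on your users being guests elsewhere, and enumerate those partners before flipping the default.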
User awareness for callback and TOAD attacks
Technical controls alone will not stop Microsoft Entra tenant invitations TOAD attacks. Therefore, organizations need targeted awareness campaigns that explain callback phishing in clear language. Training should emphasize that:
• Users must distrust any billing-related email or invitation that demands a phone call to resolve an unexpected charge.
• Staff should call official support numbers retrieved from the organization's internal portal or Microsoft's official site, never from the body of an email or Entra invitation.
• Employees must report any suspicious Microsoft billing calls to security teams, especially when combined with recent Entra invitations.
Government and financial-sector advisories already warn that TOAD and voice-phishing scams rely on urgency, confusion about charges, and trust in the phone channel. When users understand that a legitimate-looking invitation can still be weaponized, they become more resilient to these blended social engineering attacks.
4 thoughts on “Hackers Exploit Microsoft Tenant Invitations for TOAD Phishing”