Rivercity Technology Services LTD Logo
About Us
Services
Icon showing a support technician
IT Support Services
Cybersecurity Risk Management at one predictable flat rate.
Icon of light bulbs on a laptop screen
IT Consulting
Business optimization through the smart use of technology.
Icon showing a hand holding a phone
Business Phone Services
VoIP Telephone solutions from RCT. 
Icon showing a database and a cloud
Backups & Recovery
Cloud & On Premise - ready to recover!
Icon showing website wireframes
Website Development & Hosting
Web design and full hosting & maintenance packages!
Icon showing an envelope being opened
Modern Email Management
Microsoft 365 email provisioning, security & management.
Icon of a magnifying glass inspecting binary code on a computer screen
Cybersecurity Risk Assessment
Internal auditing to help identify potential cyber threats.
“You’re giving me the ‘it’s not you, it’s me’ routine? I invented ‘it’s not you, it’s me.’ Nobody tells me it’s them not me; if it’s anybody, it’s me.”
- George Costanza
Learning CenterNewsletterContact Us
Book A Consultation

Watch Out for This Sneaky New Scam: Device Code Phishing

Just when you think your cybersecurity is rock solid, bam! a new scam shows up to shake things up.

Right now, a clever trick called device code phishing is making the rounds. And it’s catching out smart, secure businesses like yours.

Here’s the scary part: No password is needed.

That’s right. This phishing scam doesn’t rely on fake login pages or tricking you into typing in your password. Instead, it uses real Microsoft login screens, the kind you trust every day.

How it works

It usually starts with an email that looks legit. Maybe it appears to be from someone in HR or a colleague, inviting you to a Microsoft Teams meeting.

You click the link and land on a genuine Microsoft login page. So far, everything looks normal.

Then you're asked to enter a device code, a short code included in the email. You’re told it’s needed to join the meeting or complete the sign-in.

But here’s the catch: entering that code logs in the attacker, not you. You’ve just given someone else access to your Microsoft account on their device.

Even worse, this can bypass multi-factor authentication (MFA) because the login is happening through Microsoft’s own channels. That makes it really hard to detect with standard security tools.

What can go wrong?

Once inside, cybercriminals can:

  • Read your emails
  • Access your files
  • Impersonate you to trick others

It's like handing someone the keys to your office without realizing it.

How to protect your business

  • Pause before entering any device codes. If you didn’t request it, don’t enter it.
  • Verify suspicious emails separately. Call the person or message them using a trusted channel.
  • Know the red flags. Real Microsoft logins don’t involve someone else sending you a code to type in.
  • Ask your IT provider to disable device code login if it’s not something your business needs.
  • Keep training your team. The more your people know, the safer your business will be.

Cybersecurity isn’t just about strong passwords; it’s about staying sharp and spotting the tricks. If you’re unsure whether your defences are up to date, we’re here to help.

Let’s lock those doors before someone sneaks in. Get in touch.

Until next time, keep fit and have fun!

(TYYV) The Yada Yada Version:

Device code phishing is a new scam that tricks users into granting account access through legitimate Microsoft login pages, bypassing passwords and even MFA by entering a seemingly harmless code and yada yada yada its just yet another scam to watch out for!

Mitch Redekopp
Article Written by Mitch Redekopp

Get in Touch

Need IT Services or Cybersecurity for your business? Have tech questons? Contact us today, we'd love to help you!
Blog Sidebar Contact Form
Related Articles
Rivercity Technology Services LTD logo
We are your IT department. How would you like to manage your risk?
201-116 Research Dr,
Saskatoon, SK
S7N 3R3

306-933-3355

Copyright © 2025 - All Rights Reserved

crossmenu