21st MAY 2026

New Kind of Phishing Threat

Cyber attacks are no longer just a large-business problem. The UK Government’s Cyber Security Breaches Survey 2025/26 found that 46% of small businesses, 65% of medium businesses and 69% of large businesses reported a breach or attack in the last 12 months.

Phishing remains the most common attack by far. A convincing email, message or fake login page can be enough to steal a password and give criminals access to business systems, payment processes or sensitive data.

Is MFA enough?

Multi-factor authentication (MFA) remains one of the most effective ways to protect accounts, but attackers are increasingly finding ways around weaker setups. Some phishing attacks now trick users into approving login requests or capture temporary access tokens after a successful login. How does this new kind of attack work?

How we protect you

• Device code logins are being disabled for users who do not require them, helping prevent this attack method in the first place.
• If your environment does not currently support this feature, your Bluespires Technical Consultant will contact you to discuss licensing options needed to implement this mitigation.
• We continue to monitor the latest guidance, respond to new alerts, and flag any concerns where appropriate.

What you can do

• Only enter a device code when setting up a device you are physically standing in front of.
• Treat any email asking you to “enter a code” to access a document as high risk and report it to the helpdesk immediately.

Strengthen your defences

What can you do to further protect your business? For many organisations, a practical first step is often Cyber Essentials. Cyber Essentials is a UK government-backed certification scheme designed to help protect organisations of all sizes against the most common cyber threats.

If you already hold Cyber Essentials certification, speak to us about whether Cyber Essentials Plus, or ISO27001 could be the right next step for your business to level up security and compliance.