Microsoft security researchers uncovered a large-scale phishing operation that tricks employees with fake 'code of conduct' emails, then uses adversary-in-the-middle techniques to steal authentication tokens — effectively bypassing multi-factor authentication and compromising accounts even at organizations with strong security practices.