Microsoft says attackers have already adapted their phishing campaigns to use the newly updated design for Azure AD and Microsoft 365 sign-in pages. The new design was designed to lower the bandwidth requirements needed to load Azure AD sign-ins. The change also made it easier for potential victims to figure out when they were targeted by an attacker who forgot to update his phishing tools. Microsoft’s discovery shows just how quick threat actors are at adapting to changes made to resources and experiences they try to impersonate in their attacks.
Source: https://www.bleepingcomputer.com/news/security/new-microsoft-365-sign-in-pages-already-spoofed-for-phishing/