An uptick in business email compromise attacks is being attributed to successful compromises of multi-factor authentication (MFA) and conditional access controls. Cybercrooks are zeroing in on email clients that don t support modern authentication, such as mobile email clients (for example, iOS Mail for iOS 10 and older); and legacy email protocols, including IMAP, SMTP, MAPI and POP. Many Office 365 licenses provide the ability to configure conditional-access policies, which can be used to block access by users to certain applications.
Source: https://threatpost.com/attackers-mfa-bypass-account-takeovers/158189/