O365 Sharepoint Phishing Campaign

April 28, 2021

A phishing campaign targeting Office 365 users with a legitimate-looking SharePoint document that claims to urgently need an email signature. Campaign has successfully bypassed Microsoft’s Security Email Gateway (SEG).

When credentials are given the website redirects to a spoofed unrelated document which might be enough to trick people into thinking it was a legitimate action.

Read More…