Phishing attack evades Microsoft 365 security>
Beta News – Ian Barker
Researchers at email protection company Armorblox have uncovered a targeted email phishing attack designed to get past Microsoft 365 security. The attack is a variant of ‘PerSwaysion’, a recent spate of credential phishing attacks that utilize compromised accounts and leverage Microsoft file-sharing services to lull victims into a false sense of security. By using OneNote to host the final OneDrive phishing link the people behind the attack hope to convince victims to hand over their credentials.
Link: https://betanews.com/2020/05/11/microsoft-365-phishing/