Microsoft Office 365 users are being targeted by a malicious email campaign impersonating an automated SharePoint notification. The fake emails were crafted to mention the name of the targeted organisations and have already reached over 50,000 inboxes, according to email security company Abnormal Security.
The messages invited potential victims to click on a link in the body of the message, which would take them to a fake SharePoint landing page. There, through a series of redirects, users would be asked to input their credentials.
Another variant asked users to download a PDF document which would also redirect to a credential-stealing page.