A complex phishing scheme for stealing Office 365 credentials from small and medium-sized businesses in the U.S. and Australia combines cloud services from Oracle and Amazon into its infrastructure. Cybersecurity company Mitiga says that despite the simple lure and purpose, the campaign stands out as sophisticated as the road to exfiltration goes through legitimate services and websites. The campaign has been active for more than half a year and uses a network of legitimate websites that have been compromised to work as a proxy chain.
Source: https://www.bleepingcomputer.com/news/security/office-365-phishing-abuses-oracle-and-amazon-cloud-services/