An ongoing phishing campaign is targeting the United Nations and several humanitarian aid organizations using landing pages impersonating legitimate Microsoft Office 365 login pages. The campaign is actively launching attacks since March 2019 according to researchers at Lookout Phishing AI. The two domains used to host the phishing toolkits and related content are associated with an IP network block and an ASN (Autonomous System Number) The attackers also use SSL certificates to further increase the illusion that their landing pages are legitimate. The full list of humanitarian aid orgs currently under attack are available in the table embedded at the end of the article.
Source: https://www.bleepingcomputer.com/news/security/microsoft-phishing-attacks-target-united-nations-and-charities/