Attackers are on the prowl for enterprise Microsoft Outlook credentials, with a new phishing campaign that leverages email-quarantine policies and uses an overlay screen tactic. The campaign was discovered after successfully targeting an unnamed company, Cofense researchers said. The emails imitated the technical-support team of the employee s company and claimed that the company’s email-security service had quarantined three valid email messages, blocking them from entering the inbox. Depending on what company the threat actor is targeting, the link populates the address of the original recipient of the email.
Source: https://threatpost.com/attackers-steal-outlook-credentials-overlay-screens/158969/