Trend Micro researchers say an ongoing phishing campaign is targeting high-ranking executives in a variety of sectors and countries with fake Office 365 password expiration notifications. The phishing emails take the form of a Microsoft Office365 password reset email and, at first glance, seem like they’ve been sent by the company’s IT administrators. The recipients are urged to clisk on the button/link provided in the email in order to change their password or continue with the same one, because ‘further message might be prevented if any of the above actions are not performed’
Source: https://www.helpnetsecurity.com/2021/01/26/executives-office-365-phishing/