Adobe Flash zero-day vulnerability (CVE-2018-15982) was used in a spear-phishing attack against a medical institution in Russia. Adobe released a patch on December 5, 2018. This vulnerability and attack sequence highlighted a number of mitigations that you can use to block such attacks. You can mitigate this threat in several ways, and you can detect if your email account has been compromised. Make sure that Office 365 checks on links (ATP Safe links) and deletes sent email based on threats.”]
Source: https://www.csoonline.com/article/3336219/how-to-defend-office-365-from-spear-phishing-attacks.html