Microsoft says a year-long and highly evasive spear-phishing campaign has targeted Office 365 customers in multiple waves of attacks starting with July 2020. The ongoing phishing campaign lures targets into handing over their Office 365 credentials using invoice-themed XLS.HTML attachments and various information about the potential victims, such as email addresses and company logos. The attackers have changed the encoding mechanisms to keep evading detection, using different methods for each segment and switching between plaintext HTML code, escaping, Base64, ASCII chars, and even Morse code.
Source: https://www.bleepingcomputer.com/news/microsoft/microsoft-evasive-office-365-phishing-campaign-active-since-july-2020/