A phishing campaign that uses legitimate organizations’ Office 365 infrastructure to send emails has emerged onto the cyberscam scene. Cybercriminals are looking to compromise Office 365 administrator accounts to send out phishing lures. Office 365 phishing attacks are still very common, according to Vade Secure s Phishers Favorites report for Q3 2019. PayPal overtook Microsoft to claim the top spot for the number of unique Microsoft phishing links in Q3.
Source: https://threatpost.com/office-365-admins-phishing/150352/