A newly discovered credential phishing campaign used a legitimate Box webpage and exploited widespread trust in Microsoft 365 to capture victims’ credentials in a convoluted attack chain. The team at Armorblox discovered this threat back in June and say it affected city officials, government and cybersecurity organizations. Attackers chose to host the phishing site on a legitimate box page, which experts say helped the emails land in victims’ inboxes. The attack chain improved the phishers’ chances of flying under the radar until the attack was reported to the security industry.”]
Source: https://www.darkreading.com/attacks-breaches/phishing-attack-used-box-to-land-in-victim-inboxes