Attackers use spoofed sender addresses and Microsoft SharePoint lures in a new phishing campaign. Microsoft Security Intelligence researchers discovered the campaign targeting organizations that use Microsoft Office 365 by using the file-sharing aspect of SharePoint. The campaign spoofs sender addresses that contain the target usernames and domains, as well as display names that mimic legitimate services to try and slip through email filters, researchers said. Microsoft 365 Defender can be used to flag any emails from the campaign that may have slipped past other gateways.
Source: https://threatpost.com/phishing-sharepoint-file-shares/168356/