The phish is targeting Office 365 users with a legitimate-looking SharePoint document that claims to urgently need an email signature. IBM labelled the phish a high-risk threat and gave these recommendations:Ensure anti-virus software and associated files are up to date. In December, spearphishers spoofed Microsoft.com to target 200 million users, successfully slipping past SEG controls due to Microsoft s reported failure to enforce domain-based message authentication, reporting & conformance (DMARC)
Source: https://threatpost.com/sharepoint-phish-ransomware-attacks/165671/