A highly-targeted phishing attack pretends to deliver subpoenas, but actually ends up collecting victims Office 365 credentials. The ongoing campaign has slipped by Office 365 and gateway security controls to hit several C-Suite level victims thus far. The phishing emails spoof the U.S. Supreme Court, aiming to capitalize on scare tactics to convince targets to click on an embedded link. The final credential landing page was painstakingly made to resemble an Office 365 login page, designed to collect targets credentials.
Source: https://threatpost.com/supreme-court-phish-targets-office-365-credentials/155955/