Office 365-themed phishing campaign targets executives, assistants, financial departments. Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon (CVE-2021) and three other vulnerabilities patched by Microsoft in early March. Gartner predicts that, by 2022, 60% of large and global enterprises as well as 90% of midsize enterprises will implement passwordless methods in more than half of use cases. 71% of office workers globally ‘ including 68% in the US ‘ admitted to sharing data using instant messaging (IM) and business-data sharing tools.
Source: https://www.helpnetsecurity.com/2021/03/21/week-in-review-attacks-on-exchange-servers-escalate-the-influence-of-the-agile-manifesto-o365-phishing/