A phishing campaign, discovered by researchers at Cofense, is draping itself in a Microsoft Office SharePoint theme and successfully bypassing security email gateways (SEGs). In a post on Tuesday, the firm said that this is an example of why it’s not always prudent to share documents via Microsoft’s hugely popular, widely used SharePoint collaboration platform.
The phish is targeting Office 365 users with a legitimate-looking SharePoint document that claims to urgently need an email signature. The campaign cropped up in a spot that’s supposed to be protected by Microsoft’s own SEG.
