We received reports this morning about a Sharepoint phish going around. The email does come from Microsoft’s Sharepoint mailservers, but looking more closely at the email we can see the company whose Sharepoint was compromised in order to launch this attack. See the circle areas in the screenshots below. Be sure to thoroughly read these emails and not click without being sure of the legitimacy of the email and its contents. The landing page requries entry of the email associated that received the link. Likely beyond this point there is a document containing another malicious link or QR code that will ultimately harvest credentials or install malware. As always, please remain vigilant when reviewing and clicking on links within your email.
