Scam of the Week: SharePoint Phishing Attack on Office 365 Users
This latest attack uses several familiar aspects of O365 to lull potential victims into an assumption everything is above board.
Be on alert! The bad guys have a new way of stealing your login credentials. They target you by sending you an invite via email to open a SharePoint document. The link takes you to an actual SharePoint page where you will see a OneDrive prompt. The prompt will have an “Access Document” link in it- don’t click this link!
This link is malicious and will take you to a fake Office 365 login screen. Any credentials you enter here will be sent to the bad guys. Don't be tricked.
Whenever you're submitting login credentials to any site, make sure to check the URL of the page for accuracy. Also, remember to always hover over links to see where they are taking you.
Remember, Think Before You Click.