A new report from researchers from Armorblox Inc. details a new spin on a credential-phishing attack that uses an old favorite — fake shipping correspondence from DHL — to breach Microsoft 365 and Exchange Online Protection. The phishing campaign targeted more than 10,000 inboxes at a private education institution and used social engineering and brand impersonation to replicate existing business workflows, with a malicious attachment thrown in for good measure.
Read full article on SiliconANGLE