"Microsoft 365 Users Targeted by Phishers Abusing Microsoft Forms"

Phishing campaigns involving Microsoft Forms have increased to steal Microsoft 365 login credentials. Threat actors use breached business partners' and vendors' email accounts to send phishing emails. The latest campaigns use emails in the form of fake mail error notifications from Microsoft and bid invitations. This article continues to discuss findings regarding the phishing campaigns leveraging Microsoft Forms to trick targets into sharing their Microsoft 365 login credentials.

Help Net Security reports "Microsoft 365 Users Targeted by Phishers Abusing Microsoft Forms"

Submitted by grigby1