Phishers targeting Office 365 admins have a new trick up their sleeve: they are checking the credentials entered into the spoofed login page in real-time and, if they are valid, the victims are redirected to their real Office 365 inbox. “If the login fails, the end-user is presented with a fake Office 365 login error, asking them to provide their credentials again, as they would in a genuine Office login. This method is something we … Continue reading Phishers targeting Office 365 admins have a new trick up their sleeve