Office 365 File Share Phishing Scam

In a current phishing scam hitting campus, malicious actors are compromising other institutions' Office 365 accounts and using them to share files designed to gain your credentials. 

When you click on the link to get to the online document, you are directed to a Word document which contains a link to a credential harvesting site. 

HOW TO RECOGNIZE WHETHER A FILE SHARE IS LEGITIMATE OR A PHISH

• Verify the email is originating from a University of Arizona email address. 
• Check whether there is an External Sender notification.
• Recognize the University's WebAuth login and Office 365 site.

Malicious actors are continuing to take advantage of the remote work environment and are constantly using new tactics to gain users' credentials. Check our list of phishing scam alerts to see the latest phishing campaigns circulating on campus.