Attack Spotlight: Microsoft Office 365 Credential Phishing

Share this content in seconds -- simply copy and paste the following text into an email and send it to your end users.

Email Subject:

Cybersecurity Alert: Phishing attack mimics Office 365 login

Email Body:


Be on the lookout for a current cyberattack that tries to trick you into giving up your Microsoft Office 365 (O365) username and password. These emails appear to come from a reputable organization or person and contain links or attachments for common documents or notifications (e.g., invoices or account alerts).

The link below takes you to a brief (two-minute) module that helps you identify the attack and explains what to do if you see it.

Link to Module:

(Note: This link will take you to the website of Wombat Security, a division of Proofpoint.)

You can also read the attached PDF for more information.

Awareness Module >

Teachable Moments PDF>

*We recommend that you download the PDF and attach it to your email. If you prefer, you can also include a direct link to the PDF.

More Attack Spotlight Content

Attack Spotlight provides infosec professionals with free, actionable content designed to arm end users against the most relevant real-world phishing attacks and lures being seen in the wild.