Microsoft Reports Active Multi-Stage Phishing Campaign Targeting Energy Sector Organizations

Microsoft has reported an active multi-stage phishing campaign targeting organizations in the energy sector. Attackers are exploiting SharePoint to distribute phishing links and creating inbox rules to conceal their malicious activities and maintain persistence. The campaign combines phishing and BEC (Business Email Compromise) techniques to steal credentials. Specific technical details of the attack are not provided in the available excerpt.