**STAY WOKE: FBI Issues Urgent Alert – Microsoft 365 Users Targeted in Sophisticated OneDrive Phishing Campaign**
**THE HIDDEN TRUTH:** The FBI has quietly circulated a private industry warning that cybercriminals are now weaponizing official Microsoft **Outlook and OneDrive** notifications to execute a devastating new phishing scheme. Unlike generic scams, these attackers have bypassed standard security filters, embedding malicious links inside legitimate-looking file-sharing alerts that appear to come from a colleague’s verified OneDrive sync.
🔍 **Key Details from the underground intelligence:**
- The attack vector exploits the “shared file” notification system within Outlook, tricking users into clicking on what appears to be a business-critical document.
- Once accessed, the user is prompted to re-enter their Microsoft credentials on a near-perfect replica of the Office 365 login portal — but the page is harvesting passwords and MFA tokens in real-time.
- Early reports suggest the malware can then silently exfiltrate entire OneDrive repositories, including sensitive corporate data and personal backups, without triggering standard endpoint alerts.
⚠️ **The Hidden Layer:** Cyber investigators have identified a custom-coded PowerShell backdoor that persists even after password resets, allowing attackers to maintain long-term access to your cloud environment. The FBI advises enabling **controlled folder access** and **admin consent workflows** immediately—standard antivirus scans are reportedly missing this strain.
🔗 **Don’t get hooked.** Trust no link, verify any unexpected OneDrive share via a separate communication channel. The truth is: your “safe” cloud storage may already be a backdoor into your company’s entire network.