Here is a viral news snippet in the requested format.
---
**🚨 FBI ALERT: Do Not Click “Share” on Outlook or OneDrive—Here’s Why**
The FBI has issued a stark, urgent warning about a sophisticated phishing campaign weaponizing Microsoft’s own infrastructure. The attack is so convincing it bypasses traditional security filters. Here are the **Top 5 things you need to know about this threat**:
- **The “Share” Button is the Trap:** Hackers are abusing legitimate Microsoft SharePoint and OneDrive sharing features. You will receive an email that appears to be a standard file-sharing notification from a trusted colleague, but the link inside leads to a credential-stealing page—or directly to ransomware.
- **Your Corporate Email is the Target:** The FBI warns this is not random. Attackers are harvesting corporate email addresses and personalizing the subject line with your name and a fake urgent filename. If you work in finance, HR, or IT, you are in the crosshairs.
- **The “Quishing” Element:** The most dangerous variant now includes a QR code inside the shared document preview. Scanning it with your phone bypasses corporate endpoint security entirely, delivering the malware directly to your personal device network.
- **No Suspicious Links in the URL:** Because the initial email comes from a legitimate `sharepoint.com` or `onedrive.com` domain, standard email security tools often mark it as “Safe.” The malicious redirect happens *after* you click, making it invisible to scanners.
- **The 90-Minute Window:** The FBI reports that these malicious “share” links are set to expire after 90 minutes. Hackers know that employees who check email late at night or on weekends are less likely to verify with the sender, making the attack significantly more successful outside of business hours.
**Your one action step:** Never click a shared file link from Outlook or OneDrive without independently verifying with the sender—via a phone