**Breaking: FBI Issues Urgent Alert – 5 Things You Need to Know About the Outlook/OneDrive Hack**
The FBI has just issued a critical warning for millions of users. Here is the breakdown of what is happening right now:
- **The Attack is Live & Widespread** – Cybercriminals are actively exploiting a flaw in the **Microsoft Outlook** ecosystem, using **OneDrive** as a delivery vehicle. The FBI confirmed this is not a hypothetical threat; users are being targeted in real-time with malicious file invitations.
- **It Looks Like a Legitimate Share Request** – Victims receive an official-looking email from Outlook, asking them to review a shared OneDrive document. The moment you click “Open,” a malicious script runs in the background, bypassing standard security filters and compromising your Microsoft account credentials.
- **Your Data is Being Exfiltrated** – Once inside, attackers are not just stealing files. They are using OneDrive’s own sync capabilities to silently copy passwords, stored credit card info, and sensitive corporate data to external servers. The FBI warns this is a “double-threat” attack.
- **Targeting Businesses & Home Users Equally** – While large enterprises are a primary goal, the FBI stresses that personal accounts are at “extreme risk.” If you use OneDrive for family photos, taxes, or personal documents, you are a target. The attack does not discriminate.
- **Immediate Actions You Must Take** – **Do NOT click** any unsolicited “Review this document” links in Outlook. As a precaution, the FBI recommends disabling “Automatic File Sync” in OneDrive temporarily and enabling **Multi-Factor Authentication (MFA)** on your Microsoft account *immediately*. If you clicked a suspicious link in the last 48 hours, change your password and run a full antivirus scan now.