Here is a viral news snippet in the requested format:
**🚨 FBI ALERT: New Outlook & OneDrive Warning**
The FBI has just issued a new public service announcement regarding a critical phishing campaign targeting *all* Microsoft 365 users. Here are the **Top 5 things you need to know**:
- **The "MFA Bombardment" Tactic:** Hackers are not just sending one email. They are flooding users with dozens of Outlook password reset notifications and fake "Shared File" alerts from OneDrive in rapid succession.
- **The "Call-Fatigue" Trap:** After overwhelming you with notifications, attackers will call you, pretending to be Microsoft Tech Support (spoofing the real Microsoft number). They claim they are "stopping the breach" and ask for a verification code.
- **OneDrive is the Trojan Horse:** The malicious link often mimics a "View Document" prompt in OneDrive. Clicking it bypasses traditional email filters because it looks like a legitimate file-sharing invite from a trusted contact whose account was already compromised.
- **If You Approve the MFA Prompt:** The second you accept the fake login approval on your authenticator app, the attacker has a "refresh token." This allows them **permanent access** to your email, Teams, and files without needing a password ever again.
- **The "New Normal" Defense:** Do not ask "Is this legit?" **Assume all unsolicited shared-folder links are hostile.** Any call asking for a "code" or "token" should be treated as a criminal. Hang up and initiate contact using a number you know is real.
**The Takeaway:** If you get a flood of OneDrive alerts followed by a phone call from "Microsoft"—**stay silent, hang up, and report it to the IC3.**