The majority of attacks are serving Outlook and Office 365 logins, reflecting the widespread use of these services across corporate environments. Services like Azure, One Drive, Box, Firebase, Box, and Dropbox continue to be leveraged to host phishing pages, and popular note taking app Evernote is now being used too. New attack tactics include the use of data URLs encoding to mask content, dynamic content generation, leveraging of local HTML PDF decoy files, dynamic loading of brand...

Read the full article at Betanews