From ehackingnews.com
A phishing campaign set on stealing Microsoft login credentials is utilizing Google Firebase to bypass email security efforts in Microsoft Office 365, researchers said.
Researchers at Armorblox revealed invoice-themed emails sent off to at least 20,000 mailboxes that indicate to share data about an electronic funds transfer (EFT) payment. The emails convey a genuinely vanilla subject line, “TRANSFER OF PAYMENT NOTICE FOR INVOICE,” and contain a link to download an “invoice” from the cloud.