From helpnetsecurity.com
![phishers targeting Office 365 admins](https://www.helpnetsecurity.com/images/posts2019/fake-quarantine-notification-O365.jpg)
Phishers targeting Office 365 admins have a new trick up their sleeve: they are checking the credentials entered into the spoofed login page in real-time and, if they are valid, the victims are redirected to their real Office 365 inbox.
“If the login fails, the end-user is presented with a fake Office 365 login error, asking them to provide their credentials again, as they would in a genuine Office login. This method is something we have not seen before,” Avanan researchers told Help Net Security.