From nakedsecurity.sophos.com
Here’s a phishing email we received recently that ticks all the cybercriminal trick-to-click boxes.
From BEC, through cloud storage, via an innocent-sounding One Note document, and right into harm’s way.
Instead of simply spamming out a clickable link to as many people as possible, the crooks used more labyrinthine techniques, presumably in the hope of avoiding being just one more “unexpected email that goes directly to an unlikely login page” scam.