New phishing campaign exploits Microsoft Visio files to steal login credentials

A new phishing campaign has been discovered that uses Microsoft Visio files to steal Microsoft 365 login credentials. Attackers upload these files to hacked SharePoint accounts, embedding malicious links that lead to fake login pages. The campaign begins with compromised email accounts, allowing attackers to send phishing messages that appear legitimate. These emails often contain fake purchase orders and may include additional attachments to disguise their intent. Researchers estimate that hundreds of companies worldwide have been targeted by this campaign. The phishing technique includes a unique method requiring users to hold the Control key to click the malicious link, making it harder for automated security systems to detect.