minute read Share this article: As more organizations migrate to Office 365, cybercriminals are using Outlook, Teams and other Microsoft-themed phishing lures to swipe user credentials. Almost half of phishing attacks in 2020 aimed to swipe credentials using Microsoft-related lures – from the Office 365 enterprise service lineup to its Teams collaboration platform. According to a Tuesday report by Cofense, which analyzed millions of emails related to various attacks, 57 percent were phishing emails aiming to steal victim usernames and passwords. The remainder of malicious emails were utilized in business email compromise (BEC) attacks or for malware delivery. Of those phishing emails, 45 percent were Microsoft-themed, said researchers: Cybercriminals are both relying on Microsoft-themed lures for their emails, as well as using ensuing phishing landing pages that either spoof or leverage legitimate Microsoft domains or services.