Cybercriminals are exploiting legitimate email security services from Proofpoint and Intermedia to launch sophisticated phishing attacks targeting Microsoft 365 users. The hackers use these trusted platforms' link-wrapping features to create multi-layered redirects that bypass security filters and appear legitimate to victims.
When users click these disguised links, they're taken through several redirects before landing on fake Microsoft login pages designed to steal their credentials. This technique is particularly dangerous because it leverages trusted security brands, making the malicious emails harder to detect and more likely to fool recipients.
Source: The Hacker News