A domain spoofing email phishing campaign that very convincingly impersonates Microsoft and successfully tricks legacy secure email gateways has recently been spotted by Ironscales. It also led them to discover that Microsoft servers are not currently enforcing the DMARC protocol.

Read full article on Help Net Security