A new phishing campaign is allowing cyberattackers to take over Windows systems, targeting Microsoft SharePoint accounts. The attackers first attempt to get users to deploy a PowerShell command through a malicious document in a ClickFix-style attack. Then, the attackers are able to gain complete control over the users’ system. Researchers at FortiGuard Labs discovered the campaign on Monday. ClickFix attacks were first discovered last April, and ask a user to “fix” something by copy and pasting code. 

Read more: https://www.darkreading.com/cyberattacks-data-breaches/phishers-wreak-havoc-disguising-attack-inside-sharepoint