Researchers at Abnormal Security found that SurveyMonkey, an online polling service, was used as a bait to entrap Microsoft users into giving their login credentials. Victims received an email from the actual SurveyMonkey site regarding an employee survey. Thus, users didn’t suspect it to be potentially damaging phishing attack. The link redirects users to Microsoft form submission page where their login credentials were asked and stolen.

Click here to read the full story