This phishing attack uses an unusual trick to spread further

Attackers enroll Outlook on BYO devices with Azure AD and then spread SharePoint PDF lures.