A new phishing campaign that counterfeits an Outlook Security update email is luring employees to open a New Policy PDF to harvest their Office 365 credentials. There is a dire need for a continuously evolving security strategy which also highlights the importance of having multiple layers of security for robust protection.