There’s a new phishing email campaign targeting managed service providers and end-users worldwide, attempting to steal not just their Microsoft 365 credentials but also their credit card information. More disturbingly, it bypass a variety of email security solutions used by many managed service providers (MSPs).