User received an email
Yes, there is even more to it, even more disclaimers
The ‘attached’ file, is a link elsewhere, of course
That link goes to the fake PDF page
That link goes to another page that is using the wrong cert so you get a warning
Sadly at this point it 404d out
But it would have been a fake Microsoft login page we’ve seen before
Until next time, stay safe out there
Xoke's dot com 