Phishers Get Creative: The NoteGPT Twist You Didn’t See Coming

Cofense Phishing Defense Center reports a phishing campaign that leverages NoteGPT to host malicious “documents” which impersonate Microsoft OneDrive notifications; when users click “View Document” they are redirected to a NoteGPT page and then to a Microsoft-looking credential phishing site (malicious example URL: arc.stylized.it.com). The campaign exploits user trust in legitimate services and branding to harvest credentials, and Cofense recommends verifying senders and links and employing phishing detection and response to mitigate the threat.