The NJCCIC has detected a recent phishing campaign targeting New Jersey employees that is crafted to obtain Microsoft Outlook Web Access (OWA) account credentials. As OWA is a common platform used by businesses and organizations to grant remote webmail access to employees, compromised credentials could pose a significant risk to network security. This campaign delivers unsolicited emails with an embedded URL that redirects users to a fraudulent OWA login page. Once a user enters their credentials into the phishing website, they are redirected to the legitimate Microsoft OWA page and prompted to log in again. Recent subject lines associated with this campaign include “Servicedesk: VALIDATE MAIL ACCOUNT,” “Your Outlook Exceeded,” “Help Desk Support,” and “IT Service.”

The NJCCIC strongly recommends never using links provided in unsolicited emails to visit websites requiring the input of account credentials. Users who receive unexpected or unsolicited email requests from known senders inviting them to click on a link or open an attachment should always verify the sender via another means of communication before taking any action. Enable multi-factor authentication on all accounts that offer it to prevent unauthorized access as a result of credential compromise.
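
For mail administrators, the following added example (not NJCCIC code) triages a raw message against the subject lines listed in this advisory and checks whether its links point anywhere other than the organization's own OWA host. The allowlisted host `mail.example.org`, the function names and the verdict labels are assumptions; because subjects such as “IT Service” also occur in legitimate mail, a subject match alone yields only a "review" verdict.

```python
import email
import re
from email import policy
from urllib.parse import urlsplit

# Subject lines quoted in the advisory, stored case-folded.
CAMPAIGN_SUBJECTS = {"servicedesk: validate mail account", "your outlook exceeded",
                     "help desk support", "it service"}
# Assumption: placeholder for the organization's real OWA host.
LEGIT_OWA_HOSTS = {"mail.example.org"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def normalize_subject(raw):
    """Drop Re:/Fwd: prefixes, collapse whitespace, case-fold."""
    s = re.sub(r"^\s*((re|fw|fwd)\s*:\s*)+", "", raw or "", flags=re.I)
    return " ".join(s.split()).casefold()

def link_hosts(msg):
    """Hostnames of every http(s) URL in the text/plain and text/html parts."""
    hosts = set()
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        for url in URL_RE.findall(part.get_content()):
            try:
                host = urlsplit(url).hostname
            except ValueError:  # malformed URL, e.g. broken IPv6 literal
                continue
            if host:
                hosts.add(host.rstrip(".").lower())
    return hosts

def triage(raw_bytes):
    """Return (verdict, off-allowlist hosts) for one raw RFC 5322 message."""
    # policy.default decodes RFC 2047 encoded-word subjects for us.
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    subject_hit = normalize_subject(msg["Subject"]) in CAMPAIGN_SUBJECTS
    foreign = sorted(link_hosts(msg) - LEGIT_OWA_HOSTS)
    if subject_hit and foreign:
        return "quarantine", foreign
    return ("review" if subject_hit else "pass"), foreign

# Constructed sample message (not a real campaign email).
SAMPLE = (b"From: helpdesk@example.net\r\nTo: user@example.org\r\n"
          b"Subject: FW: =?utf-8?q?Your_Outlook_Exceeded?=\r\n"
          b"Content-Type: text/html; charset=utf-8\r\n\r\n"
          b'<a href="http://owa-portal.example.net/owa/auth">Validate</a>\r\n')
```

Calling `triage(SAMPLE)` returns the verdict together with the link hosts that fall outside the allowlist, which gives an analyst the destination to block or investigate.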