Although SharePoint Online is a legitimate service (which is why phishers like to abuse it), not all of the content hosted there is safe. Phishers may create fake SharePoint Online notifications or use a compromised account at another organization to send phish containing real SharePoint links. If you hover over the link and find that it doesn’t go to https://uvic-my.sharepoint.com/, that means the file is not from UVic’s SharePoint Online offering.
Another red flag in this phish was the fact the phisher was trying to claim this file was from a UVic director, but that director’s name was different from the one in the subject and at the top of the email.
