OfficeのSwayを使った攻撃とか。

Researchers at Forcepoint Security Labs recently observed how hackers can easily send malicious web links to employees at targeted organisations and avoid a majority of common malicious web link scanners and filters at the same time.
Considering that phishing attacks have been acknowledged as among the most serious cyber threats faced by organisations globally, a large number of organisations have employed automated detection tools that can detect and quarantine phishing emails, typosquatted domains and malicious links from reaching employees' workstations.
Such being the case, hackers are now coming up with new techniques and are exploiting often-overlooked loopholes in legitimate software to make employees click on malicious links and install spyware or ransomware tools into targeted systems.
Recently, Forcepoint Security Labs observed that Microsoft Sway, a member of the Office 365 group of apps and similar to PowerPoint, was being used by malicious actors to send phishing links to targeted users.

https://www.scmagazineuk.com/hackers-use-microsoft-sway-carry-phishing-attacks-without-fear-detection/article/1494717