Microsoft says an Exchange Online issue that mistakenly quarantined legitimate emails last week was triggered by faulty heuristic detection rules designed to block credential phishing campaigns.

A user-friendly PhaaS tool beats standard methods for detecting phishing attacks by live-proxying legitimate login sites.