Our organization got some sort of phishing email that contained an attachment which linked to sharepoint - ie. https://someaddress.sharepoint.com/:b:/... etc. The link takes you to that "sharepoint" site with a button to click and download the pdf.
Is it possible for the website to plant a virus on the computer to compromise it, or does the file need to be downloaded in order to compromise the machine?
