A user reported a phishing attack in their Office 365 organization. The Office 365 Threat Protection service investigated the report and found a malicious URL distributing malware. The URL was blocked for all users in the organization to prevent further infection from this phishing attempt.