Cybercriminals use Microsoft SharePoint phishing attack called PhishPoint to harvest Office 365 end-user credentials, cloud security platform provider Avanan warns.