How cyber-attackers use Microsoft 365 tools to steal data