Microsoft is warning of a widespread credential phishing campaign that leverages open redirector links.