[drzaiusapelord]

Edge just passes links it can't handle to its default handler, like it should[1]. So a link to \\server1\share\file.docx will be sent to Explorer which will try to auth using cached credentials. The attacker can sniff out the NTLM exchange and put the hashed password into a cracker. If your password is weak, then it'll be cracked. Voila! He has your MS username/password.

The larger issue is the lack of 2fa by default. I think these kinds of attacks are symptoms of a larger problem that a lot of hosted services have been ignoring.

[1] There's probably a good argument that Edge should ignore network links like these, but I imagine businesses would be upset if suddenly no one can browse the intranet or open html/jpg/gif items on a share.