There have been many additions to the tools and applications the global workforce are now using since the pandemic started, with many employees required to work from home. Collaboration tools and videoconferencing apps, being some of the most prevalent technologies organisations are using, are not immune to the cybersecurity threats which are rising as well during these times.
Microsoft Teams, which has 75 million users worldwide as of April 2020, is one of the platforms that is increasingly being targeted by opportunistic cybercriminals. In late October, there were reported phishing attacks to the users of Microsoft Teams, targeting between 15,000 to 50,000 individuals.
Photo Credit: Abnormal Security
Attacks are typically initiated by a fake notification message, designed to look like it is a genuine message from Microsoft Teams. It alerts the recipient that ‘There’s new activity in Teams’, notifying them that their teammates are trying to reach them in order to lure the recipient into clicking the ‘Reply in Teams’ button. However, this actually leads to a phishing page which will try to trick the recipient into giving up their login credentials.
In the fake message, there are three links hidden that will show up should the user click it: appearing as ‘Microsoft Teams’, ‘(contact) sent a message in instant messenger’, and ‘Reply in Teams’. The said links will redirect to a fake website that impersonates the Microsoft login page, using URL (microsftteams) and webpage layouts that closely resemble the original. If the user is not able to distinguish such differences, it may lead to them entering their email and password, which can be used to hijack their Office 365 account.
The fact that Microsoft Teams is an instant messaging service means that it’s more likely that recipients might click on the link in order to respond as quickly as possible to the message they have received.
This isn’t the first time Microsoft Teams has been faced with cybersecurity threats, as there were reports of impersonation emails as early as May this year. In their support page, Microsoft listed down some tips on how to protect yourself from phishing attacks, which you can see here.