In a recent article, VentureBeat has referred to Microsoft Teams as “the new frontier for phishing attacks”. Hackers are increasingly moving beyond the traditional phishing-email method to other platforms such as Teams, which recently surpassed 270 million monthly users.

How It Works

Our research suggests that hackers are dropping executable files into Teams conversations, in order to infect a victim’s device with Trojans. The attackers gain access by hacking into a user’s email account — or by using stolen Microsoft 365 credentials. Once inside, they can bypass protections and access various systems. The problem is that organizations do a good job of training their employees to identify suspicious emails — but threats via platforms such as Teams have so far seen little threat education.

One example making the rounds is the story of a CEO who was traveling to China. Posing as the CEO, a hacker sent a WhatsApp message to relevant employees, inviting them to join a Teams meeting. In the meeting, the employees saw what they thought was the CEO over the webcam (actually made with video footage from a past TV interview).  

As there was no audio, the fake CEO asked that — due to a bad connection — employees instead send him the requested information on a SharePoint link, which he then dropped into the chat. Dismayingly, one employee did so. . .

Protection

To defend against such attacks, we recommend that businesses install protection that inspects all incoming files and secures all communication suites — including Microsoft Teams. Users can add an extra layer of protection to their devices today with Trend Micro Maximum Security. It includes Web Threat Protection, Ransomware Protection, Anti-phishing, and Anti-spam Protection to help you combat scams and cyberattacks. Click the button below to give it a try:

So to our readers out there who use Teams — keep an eye out for any unfamiliar file deliveries or surprising lines of communication. And as ever, if you’ve found this article an interesting and/or helpful read, please do SHARE it with friends and family to help keep the online community secure and protected.