Trending: Criminals use fake Teams Alerts to steal passwords

  • Designer
  • October 26, 2023
  • 10 minutes of reading
  • Edited 8 months ago

Table of Contents

With the explosive growth of Microsoft Teams, cybercriminals are using spoofed Teams messages to scam users.  According to researchers from Abnormal Security, criminals have been using cloned imagery and designs to make their malicious alerts look like real ones from Microsoft.   This approach makes it difficult to determine if the notification is authentic.    Cyber criminals have become skilled at not only making emails look like real notifications but also using multiple redirects to make the URL or internet address making it difficult to Spot Safe vs Unsafe Websites .

According to Bleeping Computer, The Microsoft Teams cloud collaboration platform has experienced a huge usage spike since the start of the COVID-19 pandemic, with Microsoft announcing on March 30 that the platform has reached 75 million daily active users (DAUs), with 70% increase since March 19 when it reported 44 million DAUs.

The alerts clone legitimate login pages, first bouncing users through several trusted sites (YouTube, Microsoft, etc) to hide the URL used in the phishing campaign.

If the recipient falls for the ruse, the attackers can capture the user’s credentials, using this to steal valuable information, hack deeper into organization systems, or use the mailbox as a launch pad to trick other users within the organization.

What can you do?

  • Ensure you implement MFA or Two Factor Authentication for all users
  • Warn users in your organization to be cautious and stay diligent
  • Redouble user security awareness training
  • Ensure that computers are patched with the latest software updates.  (The Microsoft Teams client was recently patched to fix a security vulnerability that allowed attackers to take over user accounts by sending them an animated GIF image.)

Need more help?      Schedule a call with an Information Security Officer at iLLÜM

At ILLÜM Advisors we believe that IT should accelerate your business, not be a problem that slows it down.

We accelerate and mature existing IT teams, by providing Leadership, Security, Project Management, and customer satisfaction, for organizations that simply cannot afford to waste time and budget

For more information schedule a free 20-minute call with iLLÜM Advisors.

Share this article with a friend

G.S.D.
Get. Success. Delivered.

  • Aligned
  • Accelerated
  • Budgeted
  • Governed
  • Secured
  • Transparent

We respond within 24 hours

iLLUM understands that IT is the framework upon which an entire business operates. In order to match the level of responsiveness our customers require for IT issues, iLLUM has invested heavily in developing customer platforms that allow us to onboard new clients in a matter of hours. If you reach out to us, we will respond and make ourselves available to meet within 24 hours.

Subscribe to our monthly newsletter

iLLÜM was founded to serve organizations that need clear visibility in the areas of IT leadership, program management, and their exposure to risk.

Quick Links
Important Links
Let’s Connect!
Connect with entrepreneurs, build your network, make great business.
Twitter
Facebook
Linkedin
  • Phone
  • Mail
  • WhatsApp
  • Messenger
× Send
Copyright © 2024 by IlUM Advisors

Powered by Webtec

Create an account to access this functionality.
Discover the advantages