There are new phishing email that are impersonates as an automated email from Microsoft Teams (Zurier, 2020).
The email is being sent to the user with the header “There’s new activity in Teams”. Which also includes the content that would be in the real Microsoft
Teams automated email. It includes the notification that someone within their team is trying to reach them and it urges the user to click on reply bottom to reply to that user. By clicking the reply button, it takes the user to a phishing website that look similar to Microsoft Teams login page which includes the username and password fields. If the user logs in to the impersonated website their login credential as well as their information stored within their account will be compromised.
Accordingly to the Abnormal Security blog, cooperate users are more likely to fall victim for this phishing email since they would believe the email is originated from their organization and by view the content in the email that are same as Microsoft Teams automated email (Zurier, 2020).
References:
Zurier, S. 2020. Attackers prey on Microsoft Teams accounts to steal credentials. Retrieved from: https://www.scmagazine.com/home/security-news/vulnerabilities/attackers-prey-on-microsoft-teams-accounts-to-steal-credentials/
Leave a Reply
You must be logged in to post a comment.