According to security researchers at Abnormal Security, Microsoft Teams has been hit by two separate attacks targeting as many as 50,000 users. The campaigns reportedly aim to phish Office 365 logins. The cyberattacks impersonate notifications from Microsoft Teams in order to prompt the victim to enter login credentials, which are then harvested through malicious and fraudulent notifications.
Recently, the US Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) warned about the implications of Office 365 remote-work deployments, stating that it had viewed instances in which the best security practice is not being implemented. This results in increased vulnerability to attacks. According to Abnormal Security, employees who are targeted receive an email that contains a malicious link that prompts them to log in to Microsft Teams. If this button is clicked, the victim is transferred to a login page impersonating Microsoft Office.
Read More: Microsoft Teams Impersonation Attacks Flood Inboxes