Microsoft Teams is being targeted by phishing attacks

While both of the phishing campaigns the security researchers discovered are no longer in operation, others could be.

1 minute & 20 seconds read time

There are many online chat and video chat services that are being used increasingly during the coronavirus pandemic around the world. One of those is Microsoft Teams, and with the significantly increased use of Teams also comes cybercriminals looking to take advantage of those using the service. A security research firm called Abnormal Security has announced that cybercriminals are using new phishing campaigns targeted at Teams users that are attempting to steal Microsoft account credentials.

Microsoft Teams is being targeted by phishing attacks 01

Abnormal Security says that it has discovered a series of convincing emails that are designed to spoof notification messages from Microsoft Teams. One of the campaigns the security researchers talk about is a phishing email that includes a link to a document on a domain used by a legitimate email marketing company for hosting content for marketing campaigns. The document that is linked to is an image that prompts users to sign into their Microsoft Teams account.

Anyone clicking on the image is taken to is a malicious page impersonating the Microsoft Office logon page with the intent of capturing the user credentials. Another campaign the security researchers found redirects the user to a page hosted on YouTube. That page is redirected two more times until reaching a fake Microsoft page that is attempting to steal login credentials.

Abnormal Security says that the attackers are using multiple URL redirects to conceal the actual URL, and to evade malicious link filtering used by email security products. The researchers say that the first campaign started on April 14 and lasted two days, but hasn't been seen since. The second campaign began on April 29 and lasted a few hours before disappearing. The fishing campaigns were sent to customers in energy, retail, and hospitality industries but weren't targeted at any specific company or industry. Microsoft recently patched a flaw that could allow for Teams account take over.

Buy at Amazon

Mastering Microsoft Teams

TodayYesterday7 days ago30 days ago
* Prices last scanned on 9/4/2023 at 4:08 pm CDT - prices may not be accurate, click links above for the latest price. We may earn an affiliate commission.

Shane is a long time technology writer who has been writing full time for over a decade. Shane will cover all sorts of news for TweakTown including tech and other topics. When not writing about all things geeky, he can be found at the track teaching noobs how to race cars.

Newsletter Subscription

Related Tags