• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Attackers Prey On Microsoft Teams Accounts To Steal Credentials

Attackers prey on Microsoft Teams accounts to steal credentials

You are here: Home / General Cyber Security News / Attackers prey on Microsoft Teams accounts to steal credentials
October 22, 2020

A new phishing attack impersonates an automatic communications message from Microsoft Groups to steal a company user’s login qualifications.

Abnormal Security, which disclosed the attack technique these days in a blog, maintains that Microsoft Teams has develop into a well known interaction tool, specially all through the pandemic, producing it an beautiful model for attackers to impersonate.

Here’s how the attack operates: The email gets sent from the display identify in the subject matter header, “There’s new activity in Teams,” making it seem like an automated notification from Microsoft Teams. It then notifies the user that their teammates are seeking to arrive at them and urges the recipient to click “Reply in Teams.” This potential customers to a phishing web page. 

✔ Approved Seller From Our Partners
Malwarebytes Premium 2022

Protect yourself against all threads using Malwarebytes. Get Malwarebytes Premium with 60% discount from a Malwarebytes official seller SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Within just the body of the email, there are 3 back links that functionality as a lure. They say “Microsoft Groups,” “

despatched a information in fast messenger,” and “Reply in Groups.” Clicking on any of these sales opportunities to a pretend website that impersonates the Microsoft login web site.

The phishing web site then asks the consumer to enter their email and password. Should recipients drop sufferer to this attack, their login credentials as effectively as any other info saved on their account will be compromised. The attacker spoofed staff emails and also impersonated Microsoft Teams.

In accordance to the Irregular Security site, corporate people are additional most likely to fall prey to this form of attack when they think it originates from in the company and also from a reliable brand name like Microsoft Groups.

And because Microsoft Teams also capabilities as an immediate messaging service, end users are a lot more apt to click to react promptly to whichever message they think they could have been missed, based on the notification. The link landing site also seems convincingly like a Microsoft login site with the start of the URL containing “microsftteams,” lending further more credibility.

This is not the very first time Teams has been targeted. Irregular Security claimed a similar system in Could.


Some sections of this report are sourced from:
www.scmagazine.com

Previous Post: «Cyber Security News Oregon Retailer Suffers Sustained Data Breach
Next Post: Malicious SharePoint and OneDrive links are a phishing scammer’s dream Malicious Sharepoint And Onedrive Links Are A Phishing Scammer’s Dream»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • SIM-based Authentication Aims to Transform Device Binding Security to End Phishing
  • New Chaos Ransomware Builder Variant “Yashma” Discovered in the Wild
  • Open source packages with millions of installs hacked to harvest AWS credentials
  • DOE ‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌funds‌ ‌development of Qunnect’s Quantum Repeater
  • Cabinet Office Reports 800 Missing Electronic Devices in Three Years
  • Malware Analysis: Trickbot
  • Conti Ransomware Operation Shut Down After Splitting into Smaller Groups
  • US Car Giant General Motors Hit by Cyber-Attack Exposing Car Owners’ Personal Info
  • Microsoft Warns of Web Skimmers Mimicking Google Analytics and Meta Pixel Code
  • ICO Fines Clearview AI £7.5m for Collecting UK Citizens’ Data

Copyright © TheCyberSecurity.News, All Rights Reserved.