Latest Cyber Security News

You are here: Home / General Cyber Security News / Attackers prey on Microsoft Teams accounts to steal credentials
October 22, 2020

A new phishing attack impersonates an automatic communications message from Microsoft Groups to steal a company user’s login qualifications.

Abnormal Security, which disclosed the attack technique these days in a blog, maintains that Microsoft Teams has develop into a well known interaction tool, specially all through the pandemic, producing it an beautiful model for attackers to impersonate.

Here’s how the attack operates: The email gets sent from the display identify in the subject matter header, “There’s new activity in Teams,” making it seem like an automated notification from Microsoft Teams. It then notifies the user that their teammates are seeking to arrive at them and urges the recipient to click “Reply in Teams.” This potential customers to a phishing web page. 

✔ Approved Seller by TheCyberSecurity.News From Our Partners
Avast Ultimate Suite 2021

Protect yourself against all threads using AVAST Ultimate Suite. AVAST Ultimate Suite protects your Windows, macOS and your Android via Avast Premium. In addition it comes with AVAST's well-known VPN service SecureLineVPN. Therefore, it will be a security and privacy in one package.

Get AVAST Ultimate Suite with 65% discount certified seller: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Within just the body of the email, there are 3 back links that functionality as a lure. They say “Microsoft Groups,” “

despatched a information in fast messenger,” and “Reply in Groups.” Clicking on any of these sales opportunities to a pretend website that impersonates the Microsoft login web site.

The phishing web site then asks the consumer to enter their email and password. Should recipients drop sufferer to this attack, their login credentials as effectively as any other info saved on their account will be compromised. The attacker spoofed staff emails and also impersonated Microsoft Teams.

In accordance to the Irregular Security site, corporate people are additional most likely to fall prey to this form of attack when they think it originates from in the company and also from a reliable brand name like Microsoft Groups.

And because Microsoft Teams also capabilities as an immediate messaging service, end users are a lot more apt to click to react promptly to whichever message they think they could have been missed, based on the notification. The link landing site also seems convincingly like a Microsoft login site with the start of the URL containing “microsftteams,” lending further more credibility.

This is not the very first time Teams has been targeted. Irregular Security claimed a similar system in Could.


Some sections of this report are sourced from:
www.scmagazine.com

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *