With an increase in remote working, hackers have become more sophisticated in targeting the platforms businesses are using for collaboration between workforce members. One such hacking attack has been launched on Microsoft Teams users. It is estimated that up to 50,000 users have been targeted by the Microsoft Teams phishing attack. More details are discussed below.
Microsoft Teams Phishing Attack: What to Look For
Hackers have been targeting Microsoft Teams users with a phishing campaign that tricks users into believing that they are receiving an automated message from Microsoft. The phishing email displays “There’s new activity in Teams” in the From field of the email. Within the body of the email, a snippet of the message states that the recipient needs to submit something by Wednesday. The fake Microsoft email then prompts users to click on a button to reply to the message, which appears to come from a team member.
“Because Microsoft Teams is an instant-messaging service, recipients of this notification might be more apt to click on it so that they can respond quickly to whatever message they think they may have missed based on the notification,” stated Abnormal Security researchers.
The Microsoft Teams phishing attack is not the first of its kind. In May, hackers launched another phishing campaign targeting Microsoft Teams members. These two campaigns targeted approximately 50,000 Microsoft Teams users.
Abnormal Security researchers stated, “Should the recipient fall victim to this attack, this user’s credentials would be compromised. Additionally, since Microsoft Teams is linked to Microsoft Office 365, the attacker may have access to other information available with the user’s Microsoft credentials via single-sign on.”
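A mail-filter heuristic for the lure described above, as an added example that is not from the original article or from Abnormal Security: it flags messages whose From display name imitates the Teams activity notice while the sender domain or the embedded reply link falls outside an allowlist. The allowlisted domains, the function names and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from urllib.parse import urlparse

# Assumptions: allowlists of domains genuine Teams notifications use in your
# tenant. Confirm them against your own mail logs before deploying.
TRUSTED_SENDER_DOMAINS = {"email.teams.microsoft.com"}
TRUSTED_LINK_DOMAINS = {"microsoft.com"}
LURE = re.compile(r"new activity in teams", re.IGNORECASE)

def _under(host, domains):
    """True if host equals, or is a subdomain of, any allowlisted domain."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def teams_lure_findings(raw):
    """Return reasons a message looks like a spoofed Teams notification."""
    msg = message_from_string(raw, policy=policy.default)
    sender = msg["From"].addresses[0] if msg["From"] and msg["From"].addresses else None
    if sender is None or not LURE.search(sender.display_name):
        return []  # does not use the Teams display-name lure
    findings = []
    if not _under(sender.domain, TRUSTED_SENDER_DOMAINS):
        findings.append(f"Teams display name, sender domain {sender.domain!r}")
    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body else ""
    for url in re.findall(r"https?://[^\s\"'<>]+", text):
        host = urlparse(url).hostname
        if not _under(host, TRUSTED_LINK_DOMAINS):
            findings.append(f"reply link points to {host!r}")
    return findings

# Constructed sample messages (not taken from the campaign).
PHISH = """From: "There's new activity in Teams" <notify@mail.example.net>
To: user@example.com
Subject: You have a new message
Content-Type: text/html

<p>Please submit this by Wednesday.</p>
<a href="http://login.example.org/reply">Reply in Teams</a>
"""
LEGIT = PHISH.replace("notify@mail.example.net", "noreply@email.teams.microsoft.com") \
             .replace("http://login.example.org/reply", "https://teams.microsoft.com/l/x")

if __name__ == "__main__":
    for name, raw in (("phish", PHISH), ("legit", LEGIT)):
        print(name, teams_lure_findings(raw))
```

A display-name match alone is not treated as malicious; the message is flagged only when the sender or link domain fails the allowlist, which keeps genuine notifications from triggering the rule.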
Microsoft Teams Phishing Attack: What Does This Mean for Healthcare Users
Microsoft Teams is a HIPAA-compliant platform, and as such it is permitted to be used by healthcare organizations. Since the Microsoft Teams phishing attack was so widespread, it is likely that some of its healthcare users were targeted. Should a user from a healthcare organization fall victim to the phishing attack, hackers would be able to access the user’s network. This could potentially compromise the organization’s protected health information (PHI).
With hackers becoming more sophisticated in perpetrating phishing attacks, it has become more difficult to recognize a phishing email. The Microsoft Teams phishing attack points to the need for robust employee training.