Cybercriminals have recently been using the Microsoft Teams feature of messaging outside of your organization to send phishing messages.
As people become more aware of phishing emails, cybercriminals are forced to turn to alternative platforms to trick their victims. For example, many organizations use Microsoft Teams as a messaging and communication platform. But did you know that it can also be used for phishing attacks?
Microsoft Teams allows users who are not part of your organization to message you. Cybercriminals recently exploited this feature to send phishing messages to Microsoft Teams users. The message includes a malicious file disguised as a PDF attachment. The scammers make the file look like a PDF file to trick you into thinking that you are downloading a normal attachment, but it’s really an installer file in disguise. The file actually contains malware that is installed once the file is downloaded.
As cybercriminals continue to find new attack methods, it’s more important than ever to remain alert! Follow these tips to avoid falling victim to a Microsoft Teams phishing attack:
- Be suspicious of unexpected messages, even if they appear to come from a trusted source, such as Microsoft Teams. When in doubt, always attempt to verify the authenticity of the person who sent you the message!
- File names aren’t always what they seem. Always be sure that an attachment is legitimate before you click on it!
- Remember, this type of phishing attack isn’t exclusive to Microsoft Teams. Scammers could use this type of attack on any messaging platform.
Stop, Look, and Think. Don’t be fooled.
KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.
DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.
