Warning: Phishing attacks targeting Microsoft Teams show signs of sharp increase
The outbreak of the COVID-19 pandemic has forced hundreds of millions of people to work, study at home, the need for online support platforms in general and video conferencing in particular. Because of that, it increased sharply. Microsoft Teams is a prime example, this remote support platform has achieved impressive growth growth in April, with the number of regular users increasing by 70% in just over 1 month.
However, this is also the reason why Microsoft Teams is reluctant to become the new target that online scammers are targeting.
According to the latest finding from the security organization Abnormal Security, the attackers started sending emails that impersonate automated notifications from Microsoft Teams to deceive users, then steal the victims' credentials. unaware.
Fake emails are designed meticulously, with links leading to malicious landing pages that also look identical to Microsoft's legitimate website. In particular, attacks reported by Abnormal Security do not tend to target individuals or businesses in a specific field like many other phishing campaigns. Instead, malicious emails can be sent to anyone, making the infection rate harder to control.

To evade malicious link detection tools and hide the real URL of the domain name being used to organize attacks, hackers use multiple URL redirects. There have been at least two separate phishing attacks targeting Microsoft Teams recorded by Abnormal Security in April alone.
In the first attack, phishing emails contained links to documents stored on a website used by an email marketing company. This document contains 1 image that requires users to log in to their Teams account. When clicking on the image, the victim will be redirected to the fake landing page of Microsoft Office account login page to steal login information.
In the second campaign, the link in the email redirects the user to a page on YouTube and then redirects a few more times before reaching the landing page stealing credentials. Because Microsoft Teams is linked to Microsoft Office 365, an attacker may have access to other data associated with the victim's Microsoft login information through a single sign-in.

These two campaigns are most likely not of the same origin. They have different payload distribution content and methods. At the same time using the sender information is not the same.
A few days ago, another serious flaw was discovered on Microsoft Teams, allowing hackers to hijack user accounts with just a GIF file.
In general, this form of fraud has been designed more sophisticatedly but it is not new in nature. Even so, it will still be dangerous for ordinary users who do not have a lot of security knowledge.
You should read it
- How to identify phishing emails
- [Infographic] 4 types of Phishing are easy to trap users
- 25% of 'over-the-counter' phishing emails are the default security of Office 365
- [Infographic] How to recognize and prevent Phishing attacks
- Microsoft shows how to avoid trapping phishing
- What is Spear Phishing?
- How to report phishing emails in Outlook.com
- 5 signs to identify phishing websites
May be interested
- Keyboard shortcuts in Microsoft Teamsthis article summarizes the following shortcuts in microsoft teams by tipsmake will help you work faster in the process of using teams, thanks to the microsoft teams keyboard shortcuts that will save time and increase productivity on the plus platform. online collaboration.
- New phishing attacks appear to use Google Translate as a disguiserecently, a phishing campaign to steal google accounts and facebook login information has been discovered using google translate (google translate) as a disguised location on mobile browsers.
- Microsoft shows how to avoid trapping phishingmicrosoft has issued a warning and recommended ways to protect users of e-mail services ...
- Link download Microsoft Teams 1.3.00.3564microsoft teams is a communication application that creates an ecosystem for meeting and exchanging information in the enterprise. this microsoft tool allows companies to conduct online meetings with all the features needed to create an environment conducive to productivity.
- New Phishing Attack Disables iPhone Security: How to Protect Yourself?a dangerous smishing campaign is targeting apple imessage users, using social engineering to disable the messaging service's built-in anti-phishing protection.
- [Infographic] How to recognize and prevent Phishing attacksthere are dozens or even hundreds of emails sent to your inbox every day. so how do i know they are not phishing attack emails?
- How to protect yourself from phishing attacks via mobile phonesmobile phones are a great gadget, and it has marked a huge change in the lives of each of us. combined with the internet, smart phones help users have access to a huge amount of data whenever you need it.
- Hacker purged two-factor security just by automated phishing attackssurely many people still believe that protecting online accounts with two-factor authentication can be an effective way to fight hackers, but after the incident, we may need to think think!
- Microsoft warns of new malware threat spread through Teamsmicrosoft has just issued an urgent cybersecurity alert regarding a threat actor using microsoft teams chats to spread malware.
- Summary of shortcuts for Microsoft Teams to learn onlinemicrosoft teams shortcuts help users work faster during online learning or meeting remotely on the computer. the following article will summarize all the keyboard shortcuts when using microsoft teams.