Fake Microsoft Teams notification emails are hitting inboxes

Joanna Estrada
May 5, 2020

According to researchers from Abnormal Security, criminals have been using cloned imagery and designs to make their malicious alerts look like real ones from Microsoft.

Security researchers have warned Microsoft Teams users of new email scams which attempt to steal the login details for their accounts.

With more than 75 million people now using Teams every day, and almost two dozen companies with more than 100,000 employees using the application, communication is at the heart of Teams. Abnormal Security first discovered and reported on the attack.

This document contains a URL-embedded image that urges the recipient to log into their Teams account. Another highly anticipated change is the possibility for admins to limit the number of users that can join a specific chat.

The second attack redirects the user to a link hosted on YouTube, which then uses two other URL redirects to send victims to a fake login page.

The increase in group chat limit 100 to 250 in Microsoft Teams will also be very useful to a lot of large businesses, or anyone who needs large group chats, but with this increased capacity, chatrooms might witness a barrage of notifications which can very well act as a distraction. "Because of this, recipients might not look further to investigate the message", they noted. Clicking on links within the emails goes through several URL redirects to cover up the attack and ends up on a realistic fake Office 365 login page.

This tactic is particularly risky as users are being bombarded with more alerts than ever as the popularity of video conferencing tools such as Microsoft Teams increases, this makes victims more likely to click on what they believe to be a legitimate message.

It is advisable not to click on any link in emails claiming to be from official sources without properly perusing the sender's details.

Other reports by Click Lancashire

Discuss This Article