According to studies by numerous IT security firms, Microsoft Teams has become one of the favorite targets of phishing campaigns. Indeed, hackers take advantage of the blind trust employees place in the platform, which is mainly used in a professional setting.
With the democratization of teleworking, phishing campaigns have multiplied on the web. Pirates are also showing ingenuity in varying targets and hijacked sites/services. For example, these scammers are increasingly targeting users of public services such as the CAF or the National Gendarmerie. Professional software and networks are also in the crosshairs of scammers. We recently learned that phishing campaigns have exploded on LinkedIn in particular.
Microsoft Teams, the replacement for Skype, is no exception to the rule unfortunately. With 270 million active users, it must be said that the software of the Redmond firm is a prime target for phishing attempts. According to many IT security companies, cyberattackers have increased their efforts to target Microsoft Teams and Slack users.
Also read: Powerpoint – hackers use Microsoft software to spread malware
Users are less vigilant on Microsoft Teams
Why these services? Because most employees assume they are talking to their boss or colleague when they receive a message on these platforms. In other words, their vigilance is less than on their personal mailbox. “The scary thing is that we trust these programs implicitly, unlike our email inboxes, where we’ve learned to be wary of messages whose sender address we don’t recognize.” explains Armen Najarian, manager at Outseer, a company specializing in anti-fraud technologies.
In addition, and according to the secure messaging platform Avanan, thousands of attacks involving malware deposited in Teams conversations were detected in January 2022. By attaching malware in Microsoft Teams chats“hackers have found a new way to easily target millions of users,” specify the experts of Avanan. Most of the time, hackers slip a Trojan horse into fake messages addressed to employees on Teams. Obviously, these trojans contain malware used to steal sensitive data such as credentials or other.
Also, they can access “all sorts of places in the company that they wouldn’t otherwise be able to access without compromising the network”. For researchers, this phenomenon will continue to grow as long as companies continue to exchange and organize themselves via online services. Suffice to say that a return to a traditional organization is not for now…