Cybercriminals are Impersonating Microsoft Teams to Steal Personal Information
Collaboration software tools like Microsoft Teams and Zoom have become essential as employees aim to stay connected while working from home during the COVID-19 pandemic. Unfortunately, the increasing use of these systems across the globe means that they have become major targets for cybercriminals hoping to take advantage of employees adjusting to their new routines. Researchers have discovered that attackers are now targeting remote workers who use Microsoft Teams through phishing emails and false domains, hoping to capture their Microsoft Office 365 credentials and steal both personal and business information.
These attacks begin with a classic phishing email that appears to originate from Microsoft Teams. The email urges recipients to click on a provided link and log in to their Office 365 account. Once clicked, the link redirects users to a landing page that perfectly imitates the Microsoft Teams website. This false domain is extremely convincing because it uses images and wording taken directly from the legitimate Microsoft Teams website in order to persuade victims to enter their login credentials. Additionally, researchers found that these attackers use various URL redirects to conceal the actual URL of the false domain and evade email protection services that detect malicious links.
Attackers have already targeted more than 50,000 Microsoft Teams users and are attempting to stay undetected by slightly altering the method of these attacks. One attack features a notification email that appears to contain a link to a document from an established marketing provider. This email contains an image urging users to log in to their Microsoft Teams account, but the link actually leads to a compromised URL impersonating the Microsoft Teams account page. In another form of the attack, users are sent to a URL hosted on YouTube, which then redirects them through further hops until the site impersonating the Microsoft Teams credentials page is reached.
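As an added example (not from the original article or the researchers it cites), the sketch below shows a defender-side check for the redirect technique described above: it unwraps a link's redirect chain and judges the final host instead of the first one. The allowlist, the `.example` URLs and the `observed` redirect map are constructed assumptions.

```python
from urllib.parse import urlsplit, parse_qsl

# Assumption: hosts this organization accepts for Teams / Office 365 sign-in.
TRUSTED_LOGIN_HOSTS = {"login.microsoftonline.com", "login.live.com",
                       "teams.microsoft.com"}
MAX_HOPS = 10  # stop unwrapping after this many hops

def next_hop(url, observed):
    """Return the URL this link forwards to, or None if it is the last page."""
    if url in observed:          # HTTP redirect recorded by a sandbox or proxy
        return observed[url]
    # Heuristic: redirector links often carry the destination in a parameter.
    for _, value in parse_qsl(urlsplit(url).query):
        if value.startswith(("http://", "https://")):
            return value
    return None

def resolve_chain(url, observed):
    """Follow hops until a final page, a loop, or MAX_HOPS is reached."""
    chain = [url]
    while len(chain) <= MAX_HOPS:
        nxt = next_hop(chain[-1], observed)
        if nxt is None or nxt in chain:
            break
        chain.append(nxt)
    return chain

def assess_link(url, observed=None):
    """Assess a link from an email that claims to come from Microsoft Teams."""
    chain = resolve_chain(url, observed or {})
    hosts = [(urlsplit(u).hostname or "").lower() for u in chain]
    reasons = []
    if hosts[-1] not in TRUSTED_LOGIN_HOSTS:
        reasons.append("final host is not a trusted Microsoft sign-in host")
        if hosts[0] != hosts[-1]:
            reasons.append(f"destination hidden behind {len(chain) - 1} redirect(s)")
    return {"chain": chain, "final_host": hosts[-1],
            "reasons": reasons, "suspicious": bool(reasons)}

# Constructed sample: a link on a video host that forwards twice.
EMAIL_LINK = ("https://video-host.example/redirect"
              "?q=https%3A%2F%2Ftracker.example%2Fc%2Fabc")
OBSERVED = {"https://tracker.example/c/abc": "https://teams-signin.example/login"}

if __name__ == "__main__":
    result = assess_link(EMAIL_LINK, OBSERVED)
    print(" -> ".join(result["chain"]))
    print(result["final_host"], result["reasons"])
```

A filter that inspects only the first URL in the email sees the video host and passes the message; resolving the chain first is what exposes the impersonating page.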
- Implement Multi-factor Authentication. Multi-factor authentication, where users are sent a verification code via text or email, adds an extra layer of security when logging in and provides alerts when someone is trying to use your credentials. Organizations should consider employing multi-factor authentication whenever possible. Recommended link: https://support.office.com/en-us/article/set-up-2-step-verification-for-office-365-ace1d096-61e5-449b-a875-58eb3d74de14
- Use unique passwords for your online accounts. Ensure that your online accounts are protected by using unique passwords for each of your individual accounts online. This can help protect your personal information by ensuring that if an attacker gains access to login credentials for one of your online accounts, they will not be able to use that information to access your other accounts. Consider using a password manager to keep track of your unique passwords and prevent credential theft. Recommended link: https://www.cnet.com/how-to/best-password-manager-for-2020/