As far as phishing campaigns go, this one is by no means the most creative or exciting, in fact, the main reason this attack has been so successful is because of how simple and effective the email spoofing method is. However, as is typical with phishing emails, the devil is in the detail.
The phishing emails are sent using the display name “There’s new activity in Teams”, appearing to be an automated notification from Teams attempting to convince users that they have missed a notification from a team member. By following the links in the email, it takes the recipient to a fake website pretending to be a Microsoft login page and asks them to enter their login credentials. Here is an example of what you can expect to see landing in your inbox if you are a recipient of this spoof email – if in doubt, throw it out.
Reports have noted that the fake websites look convincingly like Microsoft login pages with the URL containing ‘Microsftteams’ – a spelling mistake very close to the correct website name which is a common trick used by cyber criminals.
If recipients are tricked into entering their login credentials, they are granting cyber-criminals access to their Office 365 accounts. This means they will be able to access any information stored within Office 365, potentially leading to catastrophic consequences for your organisation.
Even if you have spam filters set up, they will never block 100% of phishing or scam emails and, with the rise of the phishing email, it’s more important than ever to educate your employees. That’s where Infuse come in…
Not only have we compiled a list of signs to stop you being reeled in when it comes to phishing emails here, but we also provide support and training for employees on cyber-safety and the latest technologies to ensure your business systems are secure as they can be. Get in touch today at [email protected] to find out more.