Microsoft Teams

This scam makes you believe that you are going to enter a video call and steals your data

Microsoft Teams

Microsoft Teams is one of those applications that have revalued in this quarantine period. We are all making video calls beyond our means, and there are applications for all tastes. For this reason, cybercriminals have taken advantage to create phishing in Microsoft Teams and steal our data.

Unfortunately, phishing attacks are widespread. It is an attack that pretends that we “click” on a link so that the cybercriminal has access to personal data. Typically, cybercriminals “work” for it a little, and attacks quickly identified, but it is a worth warning.

And, as we say, video call applications are currently being used more than ever. And Teams are one of the most useful. Integrated into Microsoft Office 365 suite. Teams are being used in both an educational and professional environment and are one of the juiciest applications for cybercriminals.

As we read on Windows Central, the new Teams scam is pretty far-fetched. Criminals have cloned the Teams page and subsequently sent fake emails to different users. When we click on the link that appears in the email, we go through different URLs. That covers up the phishing attack, and then we end up on the Office 365 login page.

By entering our Microsoft session data, attackers can access our account, as they have both username and password. The company Abnormal Security, in charge of investigating the network to find cases of this type. Has been the one that has seen the deception and. As they detail, the attack was quite successful:

“The email and landing page were compelling. The links and web pages are visually identical to the legitimate Microsoft ones, as well as the login page. Recipients would have a hard time understanding that these sites created to deflect the attention and steal your credentials. “

As of May 1, between 15,000 and 50,000 inboxes were victims of this attack. That also steals not only our account but also those associated with it (members of our team. People with whom we share accounts, etc.).