
Microsoft Teams phishing attack targets Office 365 users.
Up to 50,000 Office 365 users will be targeted by a phishing campaign that claims to notify them of a “missed chat” from Microsoft Teams. Researchers warn of a phishing campaign posing as an automated message from Microsoft Teams. In reality, the attack is intended to steal the login credentials of Office 365 recipients. Teams is Microsoft’s popular collaboration tool, which has grown in popularity among external employees during the pandemic, making it an attractive brand for attackers to pose. This particular campaign has been sent to between 15,000 and 50,000 Office 365 users, according to investigators from Abnormal Security on Thursday. “Because Microsoft Teams is an instant messaging service, recipients of this notification may be more likely to click on it, so they can quickly respond to any message they think they missed based on the notification,” researchers said in an analysis thursday.