New phishing attacks have been popping up on collaboration tools like MICROSOFT TEAMS.
So why are they targeting tools like Microsoft Teams? Aside from this particular service having 270 million + monthly active users, we tend to trust these applications.
If the attack comes in email, I can check the sender and verify their address. In Teams, the bad guys already have credentials and are using them.
It looks like my boss is sending me a Teams message. I’ve talked to my boss on here 100+ times in the past week. Surely this is still my boss messaging me.
How are these attacks being executed?
There are many possibilities for attack.
Threat actors are dropping malicious files and malware into Teams conversations. Once this is clicked, the file installs a Trojan on a user’s Windows PC; the Trojan then installs the malware.
Bad guys are also requesting gift cards to be purchased, or persuading employees to perform a wire transfer of funds to their account.
Some of these attackers are getting very sophisticated.
While the CEO of a customer company was traveling to China, the bad guys posed as the CEO and sent a message to several employee’s asking them to join a Teams meeting. The employees joined the Teams meeting and saw video of the CEO. Little did they know, this was video feed from a past TV interview; the attackers had added a fake background as well to look like the CEO was in China. There was no audio, the “CEO” sent a message saying there must be a bad connection and dropped a SharePoint link into the chat requesting the employees send some requested information.
You may be thinking, “This is extreme.” While it is extreme, it is important to note these are legitimate jobs on the Dark Web. See the job posting below:
While you are at work, 8 hours a day, performing your daily tasks, so are the bad guys. This is their job, their career, their living. They will put the same effort into their work as you do into yours.
For the entrepreneur, you can be your own boss on the Dark Web! Just purchase a Phishing Kit, which gives you step by step instructions and all necessary code to execute the attack.
Let’s get prepared.
Do you know your organization’s cyber security posture?
Do you have a powerful cyber security solution stack?
Do you run regular phishing campaigns?
Do you provide consistent Security Awareness Training for your staff?