Phishing Attack Targeting Microsoft Teams

Up to 50,000 Office 365 / Microsoft 365 users are being targeted by a phishing attack. The phishing attack pretends to notify them of a “missed chat” from Microsoft Teams.

The email then prompts a response by clicking on the button in the email, which leads to the attackers webpage.

The webpage, which looks similar to the Microsoft login page then requests the users login details. If provided these login details are then passed straight to the attackers which they can use to take over the account, steal files / emails and any other sensitive data that can be accessed by the account.

A reminder on how to spot phishing emails can be found in one of our earlier posts here Spot suspicious emails

There is also some free training from the NCSC which can help staff to keep safe, click here

For further details about the attack and an image of a sample email click here

Concerned about the security of your systems and would like more help?

Have a look at our support offer, send us an email or give us a call, for details click here