As people become more aware of phishing emails, cybercriminals are forced to turn to alternative platforms to trick their victims. For example, many organizations use Microsoft Teams as a messaging and communication platform. But did you know that it can also be used for phishing attacks?

Microsoft Teams allows users who are not part of your organization to message you. Cybercriminals recently exploited this feature to send phishing messages to Microsoft Teams users. The message includes a malicious file disguised as a PDF attachment. The scammers make the file look like a PDF file to trick you into thinking that you are downloading a normal attachment, but it’s really an installer file in disguise. The file actually contains malware that is installed once the file is downloaded.
 
As cybercriminals continue to find new attack methods, it’s more important than ever to remain alert! Follow these tips to avoid falling victim to a Microsoft Teams phishing attack:

• Be suspicious of unexpected messages, even if they appear to come from a trusted source, such as Microsoft Teams. When in doubt, always attempt to verify the authenticity of the person who sent you the message!
• File names aren’t always what they seem. Always be sure that an attachment is legitimate before you click on it!
• Remember, this type of phishing attack isn’t exclusive to Microsoft Teams. Scammers could use this type of attack on any messaging platform.

Stop, Look, and Think. Don't be fooled.
KnowBe4.com

2/7/2024