Microsoft Teams Phishing Scam – Stay Secure. Stay Safe.

Share This Post

Microsoft Teams has seen huge success since it’s launch back in 2017. Now with an even greater amount of users working remotely during the COVID-19 pandemic the numbers have skyrocketed. Unsurprisingly however, there will always be little bit of bad to go along with the good, and the increase in success has unfortunately attracted some new phishing scams.

We at Adepteq would like to remind users what to look out for and how to stay safe and secure while working remotely.

A new phishing scam disguised as a Microsoft Teams notification.

Phishing scams are nothing new, and they are an easy way for people to steal personal information from those who are perhaps not as tech savvy.
The latest attempt has targeted Microsoft Teams users disguising an email notification from an intruder as a message from Microsoft Teams.

The aim is to steal login credentials by asking them to sign in from the link provided in the email.


The message states that users have unread messages left by teammates in Teams. The attached link takes users to a fake landing page created to look like real web pages for Microsoft Teams.
This is particularly dangerous at a time when users online activity is higher than ever and may click first without checking.

“Since the imagery found throughout this attack is actual imagery used by the legitimate provider, the recipient may be more convinced this is a legitimate email. This holds especially true on mobile where images take up most of the content on the screen.”

How did they do it?

Due to several URL redirections it has been difficult for email protection services to find the hosting address and mark the email as dangerous.

There have been 2 observed methods which the attackers use to steal information.
The first being an email containing a link to a document which asks recipients to log in. This takes them to the fake landing page disguised as Microsoft Office. The other method has been a YouTube link which redirects multiple times and finally lands users on the same impersonating landing page.

“If a recipient falls victim to the attacks, their login credentials get compromised, attackers may gain access to Microsoft Office 365 services also. The attack targets for than 50,000 employees to steal login credentials.”

Stay Safe. Stay Secure.

We would like to offer a friendly reminder to all users of any online service to stay safe and vigilant when working online.
Do not click links in emails, and always double check where you are when entering important information.
If you get a notification asking you to sign in or download any files, always play it safe. Close the email, and open up the Teams app to check yourself.

If there is ever anything you are unsure about or think is a phishing scam then contact us here at Adepteq.

We protect Adepteq with the Ajax Intelligent Phishing Detection solution, which we have also deployed for clients. We would welcome the opportunity to demonstrate this to you and help ensure your users do the right thing.