Microsoft Teams warns users of another dangerous phishing attack that is reportedly spreading ransomware. For experts and those who are familiar with Microsoft Teams, the platform is a frequently abused and targeted one for phishing campaigns.
Microsoft Teams Phishing Attack
Tech Company Microsoft has just released a warning message to customers of its Teams video conferencing tool amid ongoing attacks by a threat actor that is currently being tracked as Storm-0324 whereby phishing attacks reportedly lead to some really pretty dangerous consequences.
Redmond’s researchers have just revealed that the group has been active since at least 2016, which simply means that over the course of around seven years, we have been able to draw some similarities between the attacks of the group.
The company revealed that the emails of Storm-0324 typically follow invoice as well as payment themes, mimicking services such as DocuSign and Quickbooks. Microsoft as a company itself has not been immune from attacks, which is as demonstrated in the latest Teams-focused attacks.
The Group Is Abusing a Python Program
Analysts in the field reckon that the group in question is abusing a python program that is known as TeamsPhisher, which was reportedly crafted to allow tenant users of the video conferencing tool to attach files to messages that are sent to external tenants.
Microsoft however is most concerned about the ransomware attacks that have been facilitated by the phishing campaigns of the group, thus stating that identifying and remediating the activity of Storm-0324 is a key step in stopping “dangerous follow-on attacks.”
Microsoft Promises to Do Everything It Can To Eliminate Such Attacks
While the tech giant on its end promises to be doing everything it can to eliminate such attacks in question, the company also advises that administrators can effectively limit potentially destructive impacts simply by making use of the principle of least privilege, thus building credential hygiene, and following other company recommendations, even if it is that attackers manage to gain initial access.
Microsoft Threat Intelligence has reportedly outlined a host of steps that companies and admins can take in a bid to protect themselves from these types of attacks in question in the supporting announcement.
Steps To Follow To Reduce Cyber Threats
The unfortunate reality here with the whole thing is that some of the most sophisticated campaigns carried out can catch even the most tech-savvy off guard, but there are however some general pieces of advice that all consumers can easily and effectively follow in the face of rising cyber threats, and this is including paying close attention to email details such as the domain and address, as well as the grammar and layout of the content in general.
MORE RELATED POSTS