Threat actors are increasingly abusing workplace collaboration tools like Microsoft Teams to launch social engineering attacks, according to researchers at Palo Alto Networks’s Unit 42. Attackers are sending Teams messages that impersonate IT personnel, asking users to approve a multifactor authentication prompt. Both criminal and nation-state threat actors are using this social engineering technique to compromise organizations’ environments. While Microsoft Teams has measures to warn users about potential attacks, the user can still be tricked into accepting the message.

Threat actors are increasingly abusing workplace collaboration tools like Microsoft Teams to launch social engineering attacks, according to researchers at Palo Alto Networks’s Unit 42. Attackers are sending Teams messages that impersonate IT personnel, asking users to approve a multifactor authentication prompt. Both criminal and nation-state threat actors are using this social engineering technique to compromise organizations’ environments. While Microsoft Teams has measures to warn users about potential attacks, the user can still be tricked into accepting the message.

Source: KnowBe4
Source Link: https://blog.knowbe4.com/teams-phishing-social-engineering-collaboration-tools