Hardly any place in the digital space is safe from phishing attacks these days. Even supposedly trustworthy applications and platforms such as Microsoft Teams are now being abused by malicious actors to send phishing messages.
Many end users are aware of the dangers of traditional phishing attacks such as email or other media. However, you should be aware that applications such as Microsoft Teams can also represent a phishing vector. Microsoft Teams, usually considered a secure tool for corporate communication, has recently become the target of phishing attempts: cybercriminals are using the “External Access” feature to launch complex attacks, as was the case in the recent case of DarkGate. Malware has shown.
Exploitation of external access
Even though Microsoft Teams is often only used within your own organization, Microsoft enables external access by default. This allows members of a company to add users outside the organization to their Teams chats. This feature provides malicious actors with a new opportunity to attack untrained or ignorant users.
Users should therefore be particularly vigilant with the “.onmicrosoft[.]com” domain. Because even if it seems real at first glance, that is unfortunately not the case. Attackers send a malicious file with a double extension via this domain. This is intended to make users believe that it is a PDF file. However, opening this file installs the DarkGate malware. For example, the attached file with a double extension is called “.pdf.msi”. This second extension is usually hidden by the file system. The user thinks they are downloading a business PDF file, but instead receives a malicious installer.
In order to protect organizations, it is important to make users aware of threats such as phishing. Security awareness training is helpful in instilling a healthy level of suspicion in employees so they can identify social engineering methods. Implementing such training enables employees to make smarter security decisions every day, thereby reducing the risk posed by cyber threats. (Martin J. Krämer, Security Awareness Advocate at KnowBe4)
More at KnowBe4.com
About KnowBe4 KnowBe4, provider of the world's largest platform for security awareness training and simulated phishing, is used by more than 60.000 companies around the world. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness of ransomware, CEO fraud and other social engineering tactics through a new approach to security education. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped develop the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as the last line of defense.
Matching articles on the topic