Here’s how you can recognize a phishing attack on Teams

TeamsPhisher is popular choice for hackers when it comes to phishing attacks on Microsoft Teams.

3 min. read

Updated onSeptember 20, 2023

updated onSeptember 20, 2023

Share this article

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

Key notes

As you might know already, Microsoft Teams is not just one of the most popular apps for working environments, but it’s also one of the most targeted apps for phishing, malware, and cyberattacks, altogether.

For example, in 2022,over 80% of Microsoft Teamsaccounts were the target of cyberattacks. 60% of Microsoft 365 tenants were successfully hacked in 2022, so it’s safe to say Microsoft products are vulnerable and at risk.

However, there are ways to protect yourself from phishing and other malware, when using Microsoft Teams. Watching out for theTeamsPhisher toolis one of them, as this little tool is a Phyton 3 program that fully automates a cyberattack, and has become popular to use amongst hackers and threat actors.

The tool, which has a GihHub page in case you’re wondering how it works, is able to conduct phishing messages and attachments toMicrosoft Teamsusers that allow external communications.

The TeamsPhisher tool bypasses Teams policies to enable phishing attacks

Usually, it’s not possible for any Teams users to send files or attachments outside of their organization. However, TeamsPhisher can apparently bypass this policy by making use of Teams web requests.

Hackers would need a Microsoft Business account (not personal), with a valid Teams and Sharepoint license.

According to the tool’s developers, you can easily get a Microsoft Business account:

This means you will need an AAD tenant and at least one user with a corresponding license. At the time of publication, there are some free trial licenses available in the AAD license center that fulfill the requirements for this tool.

And once you have it, there is a guide on how to effectively hack someone.

On the other side, though, things look far more formal, which creates a feeling of authority, needed for users to actually fall in the phishing trap.

This is how you can recognize a phishing attack done using the TeamsPhisher tool.

And, the tool is also used to send complex and convincing emails to Business users. These emails usually have an attachment that can be clicked. Once you do that, your account is compromised.

So, you should not answer to anyone that isn’t in your organization. Preview their messages first, and then talk to your IT managers or security managers about it.

Then, you should also be mindful about suspecting emails that seem to come from your coworkers. Look out for every odd-looking attachment, that is the first sign something is not right.

The TeamsPhisher has become quite a popular phishing tool when it comes to hacking Teams accounts, and many hackers have tried it and will still try it from now on.

But at least, you’ll know how to recognize these attacks and protect yourself accordingly.

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low#

Copilot in Outlook will generate personalized themes for you to customize the app#

Microsoft will raise the price of its 365 Suite to include AI capabilities#

Death Stranding Director’s Cut is now Xbox X|S at a huge discount#

Outlook will let users create custom account icons so they can tell their accounts apart easier#

Here’s how you can recognize a phishing attack on Teams#

The TeamsPhisher tool bypasses Teams policies to enable phishing attacks#

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low

Copilot in Outlook will generate personalized themes for you to customize the app

Microsoft will raise the price of its 365 Suite to include AI capabilities

Death Stranding Director’s Cut is now Xbox X|S at a huge discount

Outlook will let users create custom account icons so they can tell their accounts apart easier

Here’s how you can recognize a phishing attack on Teams

The TeamsPhisher tool bypasses Teams policies to enable phishing attacks