Due to the COVID-19 situation, many governments, organisations, and businesses have moved to online communication platforms, or integrated them into their systems, and use them as a primary communication channel. Universities and academic institutions all around the world have also decided on a sudden shift to online learning in a short period of time.
According to the New York Times analysis of internet usage in the US, use of the special services that allow us to work and learn from home is increasing continuously.
At Kozminski our main communication channel is Microsoft Teams. MS Teams is one of the products of O365, a very popular subscription service that MS offers academic institutions, alongside Google G Suite, Zoom for Education, and many more.
Cloud-based communication platform security threats are something that we as students, employers, and users face daily, and it's clear to us that there is no perfection in SaaS. Startup, footprint, runtime, responsiveness, hangs, rendering, and so many more are what we are used to hearing about as bugs, but security bugs are among the scariest to the end user because they make us vulnerable and the main target.
Abnormal Security researchers warn of a phishing campaign that pretends to be an automated message from MS Teams, but actually aims to steal the credentials of O365 recipients.
Phishing is a fraudulent attempt to obtain sensitive information or data; it is a very popular and old attack technique. According to researchers with Abnormal Security, this campaign was sent to 15,000 – 50,000 O365 users.
“Because Microsoft Teams is an instant-messaging service, recipients of this notification might be more apt to click on it so that they can respond quickly to whatever message they think they may have missed based on the notification,” said researchers in a Thursday analysis.
The phishing email displays the name “There’s new activity in teams”, making it look like an automatic notification from Microsoft Teams.
As can be seen in the picture below, the email tells the recipient that his teammates are trying to reach him, warns him that he has missed the MS Teams Chat and shows an example of a teammate chat where he is asked to submit something.
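The display-name trick described above can be checked mechanically. The following is an added example, not code from Abnormal Security or Microsoft: it flags a message whose From display name matches the lure while the sender domain is not on an allowlist. The allowlisted domain and all sample messages are assumptions constructed for illustration.

```python
from email import message_from_string, policy

# Display name this campaign used, as reported above (stored normalised).
LURE_DISPLAY_NAME = "there's new activity in teams"

# Assumption: the domain(s) genuine Teams notifications reach your tenant from.
# Confirm against your own mail logs before relying on this value.
TRUSTED_SENDER_DOMAINS = {"email.teams.microsoft.com"}

def normalise(text):
    """Fold curly apostrophes, repeated whitespace and letter case."""
    return " ".join(text.replace("\u2019", "'").split()).lower()

def is_spoofed_teams_notice(raw_message):
    """True if From shows the lure display name with an untrusted domain."""
    msg = message_from_string(raw_message, policy=policy.default)
    from_header = msg["From"]
    if from_header is None:
        return False
    for addr in from_header.addresses:
        # policy.default decodes RFC 2047 encoded display names for us.
        name_matches = normalise(addr.display_name or "") == LURE_DISPLAY_NAME
        if name_matches and addr.domain.lower() not in TRUSTED_SENDER_DOMAINS:
            return True
    return False

# Constructed sample messages (not taken from the real campaign).
SPOOFED = (
    "From: =?utf-8?q?There=E2=80=99s_new_activity_in_teams?= "
    "<alerts@teams-notify.example>\n"
    "Subject: Missed chat\n\nbody\n"
)
TRUSTED_DOMAIN = (
    'From: "There\'s new activity in Teams" '
    "<noreply@email.teams.microsoft.com>\n"
    "Subject: Missed chat\n\nbody\n"
)
UNRELATED = (
    'From: "Course Office" <office@university.example>\n'
    "Subject: Timetable\n\nbody\n"
)

if __name__ == "__main__":
    for label, raw in [("spoofed", SPOOFED), ("trusted", TRUSTED_DOMAIN),
                       ("unrelated", UNRELATED)]:
        print(label, is_spoofed_teams_notice(raw))
```

A display-name check like this only catches the lure as worded here; it complements, rather than replaces, the MFA and user-training steps discussed below.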
It’s certain that using 2FA or multi-factor authentication adds an important additional layer and is a low-cost solution. In many cases it does stop phishing attacks from succeeding, but it doesn’t mean you are immune to attacks. Also, according to the official MS365 administration documentation, the first task is to “Set up multi-factor authentication” and apply it to users as required widely within the organization, and the second task is “Train your users”. Microsoft also recommends the guidance in the Harvard Kennedy School Cybersecurity Campaign Handbook.
In my opinion, due to rapid changes and system integration, most IT teams cannot feed their users enough information and updates, and it’s time for us as end users to watch tutorials to familiarise ourselves with, and read more information about, our daily software/tools.
And here you can learn more about how to set up 2FA on your Microsoft account, step by step.
Resource: Abnormal Security
MS = Microsoft Teams – O365 = Office 365 – 2FA = Two-Factor Authentication