KnowBe4 - The New Playground for Cybercriminals: Securing the Microsoft Teams Frontier

The New Playground for Cybercriminals: Securing the Microsoft Teams Frontier

With 320 million daily users on Microsoft Teams, the ability to connect with colleagues across the organization has never been more seamless… or more targeted.

The shift isn’t just about where we talk; it's about how we are being attacked. Threat actors moving beyond phishing emails and are infiltrating into the trusted spaces where your employees feel safest. 

Starting in 2023, hackers began shifting their focus to Microsoft Teams with massive success, exploiting a high-trust environment where users are significantly more likely to comply with deceptive, urgent requests. By 2025, threat actors introduced callback phishing and voice phishing (vishing) as preferred methods to manipulate employees directly through Microsoft Teams. 

Because of the level of sophistication in these attacks, relying solely on native anti-phishing rules has proven risky. Recent logic errors in these heuristic systems have caused significant operational disruptions, mistakenly blocking thousands of legitimate work messages and critical links.

Introducing the Microsoft Teams Phish Alert Button (PAB)

To meet these escalating threats, KnowBe4 is extending our defenses into the collaboration space. The Microsoft Teams Phish Alert Button allows your workforce to remain vigilant outside the inbox and report suspicious activity using the same workflow you’ve already trained them to use.

By adding the Microsoft Teams PAB to your arsenal, your organization gains:



from Human Risk Management Blog https://blog.knowbe4.com/new-playground-for-cybercriminals-securing-the-microsoft-teams-frontier

Comments

Post a Comment

Popular posts from this blog

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"

Image
Eric Howes , KnowBe4 Principal Lab Researcher, found out about another insidious bad guy trick: " If you work in IT there has undoubtedly come a dark moment when you wondered to yourself just who among your employee users would be gullible enough to click through a phishing email and potentially bring down your organization. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/when-users-add-their-names-to-a-wall-of-shame
Read more

KnowBe4 - Uncovering the Sophisticated Phishing Campaign Bypassing M365 MFA

Image
Lead Analysts: Jeewan Singh Jalal, Prabhakaran Ravichandhiran and Anand Bodke KnowBe4 Threat Labs has detected a sophisticated phishing campaign targeting North American businesses and professionals. This attack compromises Microsoft 365 accounts (Outlook, Teams, OneDrive) by abusing the OAuth 2.0 Device Authorization Grant flow, bypassing strong passwords and Multi-Factor Authentication (MFA). The victim is directed to the legitimate Microsoft domain ( microsoft.com/devicelogin ) portal to enter an attack-supplied device code. This action authenticates the victim and issues a valid OAuth access token to the attacker’s application. The real-time theft of these tokens grants the attacker persistent access to the victim’s Microsoft 365 accounts and corporate data. from Human Risk Management Blog https://blog.knowbe4.com/uncovering-the-sophisticated-phishing-campaign-bypassing-m365-mfa
Read more

The Hacker News - ⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More

Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in the wrong hands can be enough to open the door. The news this week shows how attackers are mixing methods—combining stolen access, unpatched software, and clever tricks to move from small entry points to large from The Hacker News https://thehackernews.com/2025/09/weekly-recap-whatsapp-0-day-docker-bug.html
Read more