Phishing scams have grown at an alarming rate. Forbes reports a 400% year-over-year increase. It also notes that over 90% of cyberattacks begin by infiltrating emails. Hackers have focused on different mediums and organizations over the years. Unfortunately, Microsoft Teams has become their most recent favorite platform for these scams.
For example, consider this story told to VentureBeat. A hacker impersonated a CEO who was on a business trip to China. The hacker sent a WhatsApp message asking people to join a Teams meeting, then played video footage from one of the CEO's previous TV interviews during the conference call and even added a fake background to make it look like China. However, there was no audio, so the impostor left a convenient-looking SharePoint link for workers to follow up.
An employee clicked on the link, but the system blocked them from accessing the page. This emphasizes why companies need to rely on more than Microsoft 365 to secure their systems. Organizations must also have internal blocks in place.
Microsoft Teams has become increasingly popular. It had 145 million daily active users in 2021. These users have access to corporate data or could provide access via their log-in credentials. It is also easier to hack individual users than to break into corporate networks. Hackers have even attempted to hack government agents using Microsoft Teams.
Hackers have also noted that few employees question the authenticity of Teams messages or the persons speaking with them. Instead, they reserve this suspicion for phone calls, texts and emails. Hackers have consequently sought to exploit that trust. Ironically, this exploitation will erode the trust over time.
Resolving this issue will take time and team effort, but Microsoft is taking steps. The tech company has expanded Microsoft Defender protections to the Teams platform. The service allows workers to report potential threats discovered in their emails. The expansion of Microsoft Defender protection will introduce this reporting feature to Teams.
Microsoft is still working on this feature and expects to release it in January 2023. However, it does have some existing features to address the problem. For example, in 2021, Microsoft expanded the Safe Links feature. This automatically blocks suspicious links sent in Microsoft Teams, similar to how the employee in the example could not open the fake SharePoint link.
Companies and their workers must take a zero-trust approach to requests for information and think twice before clicking links. Given the elaborate nature of some of these attacks, nothing less can keep organizations safe.
When hackers contact potential victims, they often deliberately create a sense of urgency. They want workers to take an action without thinking about it or pausing to verify the information. This could be anything from clicking on a link to calling a phone number. The goal is to keep people off-balance and prevent them from thinking straight.
Companies should equip workers with the knowledge and tools to identify when these messages likely come from hackers and to respond appropriately. They should report such messages regardless of how they receive them.
Hackers often need personal information to pull off their scams. They may ask for Social Security numbers, birthdays, log-in credentials and bank account information. If someone contacts a worker and requests this information, it is likely a scam.
Even if the request comes from a seemingly legitimate source, such as a human resources department, employees should not provide the information. Instead, they should go to the HR website or another trusted source to verify the request.
Train workers not to respond to suspicious messages, not even to confirm legitimacy. Responding confirms to hackers that they have a working Teams account. That could lead to more spam and phishing messages in the future.
Instead, report the message to IT. When Microsoft launches the ability to report suspicious messages directly, teach workers to do so. Microsoft can compile and analyze this data to better detect and block these messages in the future.
Instruct workers not to click on links they receive. Instead, they should manually type the address they already know. This helps prevent them from accidentally going to a fake site set up by hackers. When workers cannot take this step, they should review the address the link actually points to. Workers can do this by hovering over the link or right-clicking and copying the address.
Having to manually visit websites may add some friction to the work process. However, it provides greater security in light of recent attacks on organizations.
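The address review described above can also be done programmatically, for example in a help-desk triage script. The following is an added example, not part of the original article or any Microsoft tooling; the trusted-domain list and all sample links are constructed, and `review_link` is a hypothetical helper name.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumed allowlist for a hypothetical tenant; replace with your organization's real domains.
TRUSTED_DOMAINS = {"contoso.sharepoint.com", "teams.microsoft.com"}

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def review_link(url, trusted=TRUSTED_DOMAINS):
    """Return a list of reasons the link's real destination looks untrustworthy."""
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").rstrip(".")
    findings = []
    if parts.scheme != "https":
        findings.append("not https")
    if parts.username is not None:
        # Everything before '@' is login data, not the destination.
        findings.append("userinfo before '@' hides the real host")
    if not host:
        findings.append("no host")
    elif is_ip_literal(host):
        findings.append("raw IP address instead of a domain")
    else:
        if any(label.startswith("xn--") for label in host.split(".")):
            findings.append("punycode label (possible look-alike characters)")
        # The host must equal a trusted domain or end with '.' + trusted domain.
        if not any(host == d or host.endswith("." + d) for d in trusted):
            findings.append("host is not on the trusted list")
    return findings

# Constructed sample links (all invented for this example).
SAMPLES = [
    "https://contoso.sharepoint.com/sites/hr/policy.aspx",
    "https://contoso.sharepoint.com.files-portal.example/login",
    "https://contoso.sharepoint.com@files-portal.example/login",
    "http://203.0.113.7/sharepoint/login",
    "https://xn--contso-wxa.sharepoint.com.example/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", review_link(link) or "ok")
```

Only the first sample passes. The others begin with a familiar name, but the host the browser would actually contact is something else.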
Migrating to the cloud plays a critical role in most top business strategies. However, migration introduces temporary changes to work processes that could make it more difficult to spot phishing activity. Companies should work with experienced migration specialists to help them set realistic expectations for a secure data migration. Contact Cloudficient for more information.