The phrase ‘Microsoft Teams’ was probably totally foreign to most a couple of months ago, but now almost everyone, especially in the business world, uses Microsoft Teams on a weekly, daily and possibly hourly basis. So as always within our industry, this has given the criminal community an opportunity to exploit the increased use of Teams in an attempt to steal your credentials.
The criminals will send you an email that looks and feels just like it would if it had of come from an Office365 automated notification, which re-directs you back to a phishing website. These guys are cleaver – the ‘sender’ is “sharepointonline-irs.com”, or similar, so some people may think that it is the real thing, but this has absolutely nothing to with Microsoft.
Basically, the objective is to get you to input your log in details, so DON’T! Weather it is a request to log in to receive a document, or log in to view messages left by a team mate, or even a re-direction to a YouTube page or a re-direct to any convincing Microsoft 365 Log In page complete with the image that the company uses for it’s log in page – so just don’t do it.. if someone gets access to your account, catastrophic damages can be done which can last for years!
So to cut a long story short, only log in when you know where you are going. If you are not sure, even just a little bit of doubt – then back out and start again. Get your I.T. department or Services Provide to check. It is much easier for a company like JMV to check for you, than it is for us to try to sort out the catastrophic damage caused by you indirectly giving away your credential to a criminal organisation.
Keep safe on-line !