Be Alert: Fake Microsoft Teams Invitation

Share on linkedin
Share on twitter
Share on facebook
IT Security

September 09, 2020

IT Networks recently received a fake Microsoft Teams invitation to join a “Collaborative Team” … from IT Networks! Needless to say we did not set up or invite ourselves to join that Team however this scam may work in a larger organisation or somewhere just starting to make use of Teams.

Fake Microsoft Teams Invitation

The Invitation may appear to come from within your organisation as an attempt to get your staff to click on the “Accept” button which then re-directs them to a web page outside your organisation. This is a phishing attack to trick your staff into signing in with their username and password.

fake Microsoft Teams invitation

Warning Signs this is a hoax/scam:

  • Poor punctuation where it doesn’t belong
  • Company name incorrect (We are “IT Networks”)
  • Hovering over the “Accept” button shows a link to an external site, in our case:

One way to reduce the risk of your staff being tricked is to add a warning or label to external email. This might be enough to alert users that all is not what it seems.

Ensuring multi-factor authentication is enabled for all users will prevent any external access to your data if someone does fall for the scam and give up their login details.

Follow us on LinkedInFacebook or Twitter to be notified when we post new content. If you’re not crazy about social media, you can also sign up to our newsletter using the form at the bottom of the page or find our details on our Contact page.  We only send them once a month and you can always unsubscribe.