publishing date icon
January 13, 2023
read time icon
5 min. read

Microsoft Teams impersonation - fake notification of teammates trying to reach you

Post hero image

Table of contents

share this post

Technology brands such as Microsoft are among the top targets impersonated by phishers, as they are well-known and widely used. In this case, the email notifies the recipient that their teammates are trying to reach them in Microsoft Teams. However, a closer look reveals that the message comes from an address unrelated to Microsoft.

Meanwhile, the link leads to the search engine Bing, containing a redirect that takes you to the malicious website. In this case, the malicious website contains a fake Microsoft login page, requesting account login information. If submitted, the attackers could gain access to the victim's account.

Sometimes, links in phishing emails redirect you to a malicious website via a legitimate service. This is often done to bypass spam filters or to make the link seem less suspicious.

Off the Hook

  • It's good to consider the "story" the email presents and whether other details in the message match it.
  • Check the sender's address. Examining the sender's address is often a great way to spot a phishing email. Check that the sender's address makes sense in the context of the email and that it doesn't contain typos or misspellings.
  • Sometimes attackers use a technique called "typo-squatting", registering fake domains with names similar to legitimate services. For instance, in the place of "paypal.com," an attacker could register "paypa1.com" and use it to send phishing emails, hoping the victim won't notice the difference.
  • Verify the link. Additionally, verify the link leads to where the email claims by hovering over it with your cursor. If you have doubts, manually navigate to the service's website instead.
Subscribe to Threat Feed

Subscribe to Hoxhunt's Threat Feed to get the latest phishing threats delivered to your inbox, every Friday.

Form CTA

Hoxhunt needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.