Beware of Microsoft Teams sending computer takeover trojans


Cyber criminals are targeting Microsoft Teams users, planting malicious documents into chat, allowing them to take over computers

Microsoft Teams has had surge in use over the COVID-19 pandemic, especially since remote workers now rely on the app to collaborate and share files. The number of daily active users of Teams nearly doubled over the past year, increasing from 75 million users in April 2020 to 145 million as of the second quarter of 2021.

Unfortunately this makes Teams a target for cyber criminals making how you and your company use Teams critically important. Security researchers hove found that end users inherently trust the platform, sharing sensitive and even confidential data with abandon while using it.

For example, an analysis of hospitals that use Teams found that doctors share patient medical information practically with no limits on the Teams platform. Medical staff generally know the security rules and risks of sharing information via email, but ignore those when it comes to Teams. In their mind, everything can be sent on Teams. This is absolutely not the case.

The Takeaway

This most recent attack on Teams depends on users clicking on an attachment being sent to them from what appears to be a trusted individual within the company. While suspicious emails with attachments may raise red flags, when a file comes in from  Teams chat, particularly with an innocuous-sounding file name most users won’t think twice and will click on it, potentially installing malicious remote control malware.

Employees should already be aware of how malicious emails work and be familiar with spotting malicious attachments and know the procedures for notifying your IT department of any suspicious digital communications including Microsoft Teams, Email, social media and text messages.

If the previous years have taught us anything, one of the best ways to prevent becoming the victim of cybercrime depends on ensuring that end users are up-to-date on their security awareness training programs. Be sure to check and make sure they are!

Stay safe out there

-A