Microsoft: Teams Increasingly Abused in Helpdesk Impersonation Attacks

Microsoft: Teams increasingly abused in helpdesk impersonation attacks

Microsoft is warning of threat actors increasingly abusing external Microsoft Teams collaboration and relying on legitimate tools for access and lateral movement on enterprise networks.

Attackers Abuse Microsoft Teams and Quick Assist in New Helpdesk Impersonation Attack Chain

A new and deceptive attack campaign has emerged where threat actors are impersonating IT helpdesk personnel through Microsoft Teams to trick employees into granting remote access to their systems. What makes this campaign dangerous is how it uses trusted, everyday business tools to sidestep user suspicion and quietly infiltrate enterprise networks without triggering traditional security […] The post Attackers Abuse Microsoft Teams and Quick Assi…

Attackers abuse Microsoft Teams to impersonate the IT helpdesk in a new enterprise intrusion playbook

Attackers are increasingly exploiting enterprise collaboration platforms such as Microsoft Teams to gain initial access, impersonating IT helpdesk staff and persuading employees to grant remote control, according to new research from Microsoft. In a blog post, Microsoft described a “cross-tenant helpdesk impersonation” technique in which threat actors initiate conversations with employees via Teams’ external access feature. “Attackers use social…