Cybercriminals are employing “vishing” (voice phishing) tactics to target Microsoft Teams users, as reported by Trend Micro.
These attackers impersonate clients during Teams calls, using social engineering to gain remote access to victims’ systems. The attack typically begins with a flood of phishing emails to overwhelm the victim’s account. The cybercriminal then follows up with a phone call, posing as a tech support assistant and offering to “resolve” the problem they had triggered. This tactic exploits the victim’s frustration and urgency to fix the problem, tricking them into granting access or sharing sensitive information. In a recent incident, an attacker convinced a victim to download AnyDesk, a remote access tool, which was then used to deploy DarkGate malware—a Remote Access Trojan (RAT) that enables unauthorized control over the infected system. Although the attack was halted before any data was stolen, it highlights the growing sophistication of cyberattack strategies. This incident adds to a series of cybersecurity challenges for Microsoft, which has been enhancing its security infrastructure following high-profile breaches.
Read more at UC Today.