As outlined in HackRead, a new phishing campaign is leveraging Microsoft Teams notifications to distribute fake billing notices, tricking users into calling fraudulent support numbers. Check Point Research has identified this sophisticated social engineering tactic, which bypasses traditional security filters by using legitimate communication channels.

Scammers are creating fake Microsoft Teams groups with names resembling urgent billing alerts, such as "Subscription Auto-Pay Notice." When a user is invited as a guest, a legitimate email notification is sent from Microsoft. The scam email, often using special characters and numbers like "0" for "O" to evade detection, displays a fake invoice amount. Instead of a malicious link, the attackers embed a fake support phone number within the team name, prompting the victim to call and resolve the supposed billing issue. This campaign is highly active, sending approximately 990 messages daily. The education sector (14.9%), technology and SaaS (18.6%), and manufacturing/engineering/construction (27.4%) are among the most targeted industries, with the United States accounting for 67.9% of the activity.

This campaign highlights the evolving threat landscape where attackers exploit trusted platforms and communication workflows to operate "in plain sight." The reliance on phone calls for resolution, rather than direct links, represents a shift in phishing tactics. Users across all industries must exercise extreme caution with unexpected invitations and urgent communications, especially those containing phone numbers, to prevent falling victim to credential theft or financial fraud.

Source: HackRead
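
A defender-side check for the pattern described above, as an added example that is not from Check Point, HackRead or SC Media: it undoes look-alike characters in a Teams team name taken from a guest-invitation email and flags names that combine a billing term with a phone number. The term list, the character map beyond "0" for "O", and the sample names are constructed assumptions.

```python
import re
import unicodedata

# "0" for "O" is the substitution named in the article; the rest are assumed.
LOOKALIKES = str.maketrans({"0": "o", "1": "i", "3": "e", "5": "s", "@": "a", "$": "s"})
# Assumed lure vocabulary, seeded from the "Subscription Auto-Pay Notice" example.
BILLING_TERMS = ("subscription", "auto-pay", "autopay", "invoice", "billing", "payment")
# 10 to 15 digits with common separators, optionally starting with "+".
PHONE_RE = re.compile(r"\+?\d(?:[\s().-]*\d){9,14}")


def inspect_team_name(name: str) -> dict:
    """Score one Teams team/group name taken from a guest-invitation email."""
    normalized = unicodedata.normalize("NFKC", name)   # fold fullwidth/styled forms
    plain = name.lower()
    folded = normalized.lower().translate(LOOKALIKES)  # undo digit-for-letter swaps
    terms = [t for t in BILLING_TERMS if t in folded]
    phone = PHONE_RE.search(normalized)                # search before digit folding
    return {
        "terms": terms,
        # Terms visible only after folding: the name was written to dodge filters.
        "obfuscated": [t for t in terms if t not in plain],
        "phone": phone.group(0) if phone else None,
        # A billing lure plus a callback number in the name is the pattern described.
        "suspicious": bool(terms) and phone is not None,
    }


# Constructed sample names (555-01xx numbers are reserved for fiction).
SAMPLES = [
    "Subscripti0n Aut0-Pay N0tice - Inv0ice $629.98 - Call +1 (202) 555-0199",
    "Ｉnvoice overdue: support 1-202-555-0142",
    "Billing Ops 2024",
    "Q3 Budget Planning",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(inspect_team_name(sample))
```

Because the invitation email itself is genuinely sent by Microsoft, this check is meant to run on the team name extracted from the message body or subject, not on sender reputation.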