Microsoft Teams Phishing Attacks

Malicious actors have expanded their attack vectors to include Microsoft Teams messages.

Phishing emails have plagued users for years and by this point the majority are sent straight to the junk folder. Those that do slip through are often easily identified for what they truly are and are swiftly reported and deleted. However, it looks as though these same malicious actors that have hammered our emails for years have expanded to try and gain access to your data through Microsoft Teams phishing messages.

This week we received a suspicious looking message on Microsoft Teams when an external user added us to a group chat. When the message was first received, Microsoft Teams alerted us that it was coming from an external user and that it may be suspicious.


Before you even get to see the message Microsoft Teams will give you the option to delete the chat. At this point, if the message is unexpected then it would generally be recommended to delete the conversation.

However, if you do choose to accept the invitation then you will be able to view the message and you’ll see a screen similar to the screenshot below.

If you get to this point you can then read the message that you have been sent. As you will see, at the bottom of the screen you have quick options to delete the chat or accept and be able to respond if the message is legitimate.


Malicious actors will continue to find new ways to try and gain illegitimate access to your accounts and data so they can exploit it. While the method is different the basic process is the same. The best way to defend yourself against phishing attacks is to ensure you have up to date cyber awareness training and always remember, if it sounds like it’s too good to be true, it probably is.

Get an expert review

Arrange a 15 minute call with an expert to review your IT set up and find ways to make your IT better.
Get in touch