New Phishing Method Being Attempted Through Microsoft Teams
We would like to make you aware of a new phishing method being attempted through Microsoft Teams, where external users may try to impersonate known contacts or colleagues.
If you receive a Microsoft Teams chat request similar to the example below, please do not accept the chat unless you are certain the person is legitimate. If anything looks suspicious, please select Block.
Please take note of the following warning signs:
“External” label
If you see External next to a person’s name, this means the person is not part of your organisation, even if the display name looks familiar.
External communication warning banner
Microsoft Teams may display a warning stating that the person contacting you is outside of your organisation. Please review this carefully before accepting the chat.
No visible email address
If the person is not sharing an email address, there may be no reliable way to confirm who they are. Treat this as suspicious.
Unexpected requests
Be cautious of any urgent or unusual requests, especially if the person asks you to make payments, share sensitive information, change banking details, or assist with something confidential.
Recommended action:
If you receive a suspicious Teams chat request:
- Do not accept the chat.
- Do not reply to the message.
- Do not share any information.
- Select Block.
- Report the incident to your IT support team.
Please remain vigilant and verify unusual requests through a trusted secondary channel, such as a phone call to a known number.