Phishing scams have become a resident cybersecurity threat in cyberspace. The operation has constantly evolved and becomes more sophisticated that security detectors find it hard to identify. Recently, threat researchers found that MS Teams have also become one of the most utilised tools by attackers for malicious campaigns.
Threat actors have become cleverer in developing new strategies and creating unknown attack vectors to avoid detection from cyber defences. Hence, these capabilities have posed a severe risk to different users and organisations.
The new phishing scams use MS Teams to deceive numerous users and collect information.
According to the investigation, the new phishing scams utilise a fake login page that looks identical to the legitimate MS Teams login page. These malicious pages could fool users into logging in with their credentials.
This campaign poses a massive threat as the actors could obtain critical data they could use for other malicious activities.
Microsoft has warned everyone about phishing campaigns with remote access malware targeting tax fillers and accounting companies. According to the company, threat actors exploit the tax filing season to deceive tax pros into accessing compromised files.
The campaign uses Remcos RAT and targets tax preparation companies and tax-filing individuals.
The TACTICAL#OCTOPUS group has also used valid employee tax documents to fool targets earlier this month. The hacker group utilised valid employee W-2 tax documents, real estate purchase contracts, and 1-9 forms to trick their targets into downloading a malware strain onto their systems.
Last year, the phishing campaign during this season surged up to 50% because of newly developed artificial intelligence (AI) tools and phishing kits from different threat actors. The United States became the most targeted country last year. Furthermore, academic institutions experienced the most attack, followed by the financial sector and government agencies.
Phishing scams have surged throughout 2023 as malicious actors continuously upgrade their TTPs to make their campaigns more sophisticated and challenging.
Users and organisations need to be aware of the current trends among cybercriminals to prevent these attacks and avoid infections that could lead to a more severe impact. Lastly, avoiding phishing scams could safeguard critical data and credentials and stop the actors from executing subsequent campaigns.
