Beware: Cybercriminals Are Exploiting Microsoft Teams Calls To Deceive You

What level of confidence do you possess in your ability to discern whether you are engaged in a voice call with a cybercriminal? Exercise caution if you are uncertain; malicious individuals are impersonating a legitimate company via Microsoft Teams, giving assistance that is deceptive in nature.

Cybercriminals are targeting Microsoft Teams users with vishing attacks

Trend Micro has identified and reported a new assault that use vishing to infiltrate an individual's machine. Vishing, like to phishing, involves persuading an individual to divulge information or grant access to a system, albeit it occurs through telephone or calling applications.

In the instance provided by Trend Micro, the assault commenced with thousands of phishing emails targeting one individual's account. This was succeeded by a communication from the cybercriminal impersonating a tech support assistant, ostensibly to "resolve" the influx of emails they had initiated.

The cybercriminal persuaded the victim to install a remote access application, initially utilizing Microsoft Remote Support and subsequently transitioning to AnyDesk when the former encountered installation issues. After configuring AnyDesk, the cybercriminal employed the remote access application to deploy a PowerShell-based malware dropper. The PowerShell virus subsequently retrieved the DarkGate malware, utilized by criminals to exfiltrate data and obtain control of an individual's computer through a Remote Access Trojan (RAT).

Fortunately, the assault was thwarted prior to any theft, although it serves as an exemplary case of how to prevent vishing. Exercise caution when requested to download remote access tools, particularly if the individual initiating contact does so without your solicitation. For any technical assistance issues, report them to your workplace IT department or a qualified professional if you are at home.