Bad actors are utilizing Microsoft Teams to social engineer users into providing information over the platform. Utilizing back-end methods, bad actors can change their display name to appear from a legitimate person within the organization. 

Here are some things to look out for if you receive a suspicious Microsoft Teams message: 

• Grammar and spelling: Look for errors in grammar, spelling and punctuation
• Suspicious or Unknown Sender Address: Verify the sender before clicking any links or providing any information
• Deceptive external requests: Notifications for chat requests from outside the organization 
• Suspicious Links or Files: If a message is edited to contain a link or file, be wary 
• Requests for Remote Connection: If a user is requesting to remote access your machine via Teams, this is a sign that a bad actor is attempting to steal data

If you receive a suspicious or unsolicited Microsoft Teams message, please report it to phishing@marist.edu 

For more information, please read the following resources:

• Disrupting Threats Targeting Microsoft Teams
• Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed