1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Watch out: hackers are hijacking Microsoft Teams messages to try

    From TechnologyDaily@1337:1/100 to All on Wednesday, January 28, 2026 21:45:08
    Watch out: hackers are hijacking Microsoft Teams messages to try and get access to your emails - here's what you need to look out for

    Date:
    Wed, 28 Jan 2026 21:35:00 +0000

    Description:
    Hackers exploit Microsoft Teams by sending obfuscated invitations and fraudulent billing messages to access emails across multiple global industries.

    FULL STORY ======================================================================Hackers create finance-themed Teams to trick users without using phishing links Obfuscated team names bypass automated detection while appearing normal to targets Fraudulent phone calls attempt to extract login credentials and sensitive information

    Attackers are now abusing legitimate Microsoft Teams features to reach users without using traditional phishing links, new research has found.

    Experts at CheckPoint found the campaign begins when hackers create new teams with finance-themed or urgent billing names, often embedding obfuscation techniques such as mixed Unicode characters or visually similar symbols.

    These tactics allow the malicious team names to bypass automated detection while still appearing normal to users. How the hijack leads to email access

    Once the attackers set up the team, they use the Invite a Guest feature to send official-looking Microsoft emails directly to targets, making the invitations appear credible and increases the likelihood of user interaction.

    The phishing messages instruct recipients to call a fraudulent support number to resolve supposed subscription or billing issues - and during these calls, attackers attempt to extract login credentials or sensitive information that can be used to access corporate email accounts.

    Unlike conventional phishing, the campaign avoids malicious links or malware attachments and relies instead on social engineering to compromise accounts.

    The combination of official Microsoft messaging and urgent, finance-related language creates a higher level of trust, which makes standard firewall protections less effective without user vigilance.

    Users should treat any unexpected Teams invitations with caution, especially if the team names include payment amounts, invoices, phone numbers, or
    unusual formatting.

    Obfuscated characters, inconsistent spelling, or large-font displays designed to draw attention serve as strong warning signs.

    Organizations which use such online collaboration tools widely need to ensure staff receive training to recognize these subtle red flags and report suspicious invitations immediately.

    Malware removal procedures and layered email security can provide additional protection, but human attention remains critical in preventing compromise.

    However, even with firewalls and security controls in place, attackers continue to adapt tactics that exploit trusted collaboration platforms.

    Vigilance, staff awareness, and rapid reporting are essential to prevent this type of social engineering from succeeding.

    Check Point says the attack has targeted organizations across multiple industries, including manufacturing, technology, education, and professional services.

    Teams users worldwide must maintain heightened awareness to reduce the risk
    of exposing email accounts or other internal systems.

    Analysis indicates the affected organizations were concentrated in the United States, accounting for nearly 68% of incidents.

    Europe followed with 15.8%, Asia with 6.4%, and smaller shares appeared in Australia, New Zealand, Canada, and LATAM countries.

    Within Latin America, Brazil and Mexico experienced the highest activity, together representing over 75% of regional incidents.

    While the attackers do not appear to target specific sectors deliberately,
    the campaign demonstrates the scale at which trusted collaboration platforms can be exploited.

    Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the
    Follow button!

    And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/watch-out-hackers-are-hijacking-microsoft-teams- messages-to-try-and-get-access-to-your-emails-heres-what-you-need-to-look-out- for


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)