Security experts at Barracuda Networks warn of email-based attacks that abuse well-known platforms like Microsoft Teams and Facebook to trick recipients into handing over login credentials and payment information. These threats are among several highlighted in Barracuda’s latest “Email Threat Radar”.
One tactic involves attackers leveraging Microsoft Teams for so-called callback phishing. Victims are added to Teams groups with names that create a sense of urgency and then receive fake messages about invoices, automatic renewals, or unauthorized charges.
To avoid alleged charges, recipients are instructed to call a provided phone number that actually connects directly to the fraudsters. By using a trusted collaboration tool and urgent, alarming language, attackers increase the chance the scam will succeed and can evade traditional email filters.
Another rising threat is fake phishing emails impersonating Facebook that claim the recipient has violated copyright. These emails mimic Facebook’s legitimate legal notices and link to what appears to be a normal webpage with “details about the infringement”. In reality, the link leads to a counterfeit login page where attackers harvest account credentials.
To reduce the risk of falling victim, organizations should tighten settings on collaboration tools, increase employee awareness and training, and adopt multifactor authentication along with security solutions that cover collaboration platforms. The usual advice—to be especially cautious with emails that urge you to click links—applies here as well.
Read the full Barracuda Email Threat Radar here»
Microsoft Teams and Facebook used in new phishing attacks
Security experts warn that Microsoft Teams and Facebook are being exploited in new phishing campaigns where attackers use trusted collaboration platforms and social media to trick users into revealing login credentials and payment details. The analysis is drawn from reports compiled in the Email Threat Radar.
Communications and PR coordination around these cybersecurity warnings and threat reports are managed in collaboration with information partners and agencies that support distribution and outreach.
Attackers employ callback phishing via Microsoft Teams and fake legal notices purporting to come from Facebook. These techniques combine social engineering with email-based tactics and can bypass traditional security filters.
Keywords: phishing, callback phishing, social engineering, Microsoft Teams, Facebook, Barracuda Networks, Email Threat Radar, cybersecurity, IT security, cloud security, account takeover, data breaches.
Notes
Microsoft Teams phishing, Microsoft Teams security, Teams-based attacks, Facebook phishing, social engineering campaigns, email-based attacks, cloud threats, account security.
Keyword list
microsoft teams phishing, facebook phishing, phishing microsoft teams, phishing facebook, callback phishing teams, email threat radar, barracuda networks cybersecurity, it security phishing, social engineering attacks, email-based attacks, cloud security for businesses
Language block
Microsoft Teams and Facebook are used in new phishing attacks according to Barracuda Networks.