Hi All,

We want to make you aware of a new phishing trend targeting users through Microsoft Teams — not just email.

Attackers are impersonating IT/helpdesk staff by creating fake Microsoft 365 accounts with names that look legitimate. They reach out via Teams chat and try to convince users to run commands or follow troubleshooting steps that install malware on their device.

Our Teams environment is configured to prevent external messages from coming through, so this specific attack is mitigated on our end. That said, it's important to stay aware of how attackers are evolving their tactics beyond email.

For more details on this threat, you can read the full article here: BleepingComputer – KongTuke Hackers Now Use Microsoft Teams for Corporate Breaches

As always:

• We will never ask you to run commands or scripts through Teams chat
• If you notice anything unusual — whether it's a suspicious message, unexpected login prompt, or something that just doesn't seem right — please reach out to the Helpdesk at helpdesk@acord.org  so we can look into it.

Thank you for staying vigilant.