Microsoft Teams Social Engineering: A Ransomware Attack Vector

The Recon SOC is seeing an uptick in ransomware groups successfully gaining initial access to environment's by impersonating IT support staff and calling users directly over Microsoft Teams. This sophisticated social engineering attack leverages the trust users place in familiar communication platforms to bypass traditional security controls.