From bleepingcomputer.com
The cybersecurity risks of SaaS chat apps, such as Microsoft Teams or Slack, often go underestimated. Employees feel secure when communicating on apps that are connected to their corporate network. It’s exactly this misplaced trust within intra-organizational messaging that opens the door to sophisticated attacks by criminal threat actors using a wide range of malicious activities.
By contacting employees who are off-guard in SaaS chat apps, threat actors can conduct phishing campaigns, launch malware attacks, and employ sophisticated social engineering tactics.
These sophisticated tactics make it challenging for security teams to detect threats. Employees also lack education when it comes to cybersecurity awareness around messaging apps, as cyber training mainly focuses on phishing via email.
Microsoft Teams chats is a platform that is susceptible to a growing number of incidents as its massive user base is an attractive target for cybercriminals.