Microsoft has warned of a new phishing campaign from the “financially motivated” Storm-0324 threat actor which uses an open-source tool to send phishing lures through Microsoft Teams chats.
The goal is accessing corporate networks and enabling follow-on attacks like ransomware, i.e. handing off access to compromised networks to other threat actors. The campaign leverages the open-source TeamsPhisher tool to attach files to messages.
Microsoft says it has rolled out improvements to better defend against the threat and has suspended identified accounts. Microsoft also gives a list of recommendations to harden networks against Storm-0324 attacks on its website here.
The service that we receive is of the highest standard and we are completely happy that we have made the right decision to move our business to SMT IT Services.
- Chris Addis -