More and more organizations are discovering the benefits of working through Microsoft Teams. It is an extremely convenient platform for collaboration. You can easily share documents, chat with your colleagues through various channels or hold virtual meetings.
Working remotely has never been easier. And in view of the recent work-at-home advisories, even a necessity. Unfortunately, cybercriminals have now also found their way into Microsoft Teams. In this article, we explain how they operate and what you can do about it.
A new trend
Avanan, a cybersecurity company, has been collecting data on how hackers launch attacks on Microsoft Teams since Jan. 22, 2022. The trigger was a notable increase in the number of hacking attempts in Microsoft Teams. With some 270 million users worldwide, Teams represents a valuable source of information. And far from all users have properly protected themselves against cybercrime.
What was particularly striking was that hackers used the same method in many cases. They place executable files, that is, files with a .exe extension, in the chats. Once the unsuspecting user clicks on the link, a Trojan virus takes over the computer. A Trojan virus is a form of malware. You can tell if your computer is infected by a number of things. For example, your computer becomes slower, your storage space is suddenly full and unfamiliar apps appear on your screen.
Methodology
To place a malicious link in Teams, hackers must first gain access to the application. To do this, they have several options at their disposal, from eavesdropping on chat conversations to hacking an entire network. Again, phishing remains a popular modus operandi. Phishing allows them to find out personal information by posing as a trusted entity. Once they gain access to the platform, they can strike fairly easily.
A download link appears in the chat window with an .exe extension and the name “User Centric. The name of this file does not ring alarm bells for most. Moreover, most assume that their interlocutor posted the link on purpose. In reality, this is a Trojan virus. If you click the link, the virus installs so-called DLL files on your computer. DLL stands for Dynamic Link Library. You don’t notice this right away, because at first glance it looks just like you are running a Windows program. As a result, you install a program that can take full control of your computer.
Measures
Hackers are becoming more and more cunning, but they also like to choose the path of least resistance. So the harder you make it for them, the faster they will turn to an easier victim. So it certainly helps if you take some measures yourself to protect yourself and your computer. You don’t have to be an IT expert to do this, either. Anyone can take these measures:
1. Be alert
Never click on just any download link. This applies to links in chat conversations, but also to links in e-mails or whatsapp messages, for example. First make sure that your conversation partner is actually the sender of this download link. Be especially careful with executable files that immediately start installing malware. Does a link with the name “User Centric” appear in your chat window? Then you know for sure that it is a Trojan virus and hackers have access to your Microsoft Teams. Warn your conversation partners that this is a malicious link and that they should not click on it. Also notify the IT people within the company so they can plug the leak as soon as possible.
2. Use a VPN
With a VPN, you add an extra layer of protection to all your Internet traffic. Instead of going directly from your computer to the server, Internet traffic is first routed past a VPN server. This is done via an encrypted tunnel. The VPN server ensures that all data is encrypted, which is called encryption. No one can read your data except you and the legitimate recipient.
The VPN server also shields your personal IP address, making it impossible for third parties to see exactly where the data was sent from. To protect yourself specifically from these Trojan viruses, it’s best to choose a VPN with a built-in malware blocker. You can download and install a VPN for free on your computer and other devices connected to the Internet.
3. Have files scanned
Hackers usually know exactly how to find weaknesses within companies’ cyber security. So the attacks are less random than you might initially think. As a company, make sure you have your cyber security in order. Microsoft Teams too often appears to be an inferior child in that regard. Use antivirus software to scan files for malicious content. And don’t forget to update this software regularly.
This is a commercial contribution provided by a third party. The editors are not responsible for the content.