Attackers send emails that look like Teams voicemail notifications or external meeting invitations. Links lead to fake Microsoft sign-in pages or prompt users to install malicious 'Teams add-ons' and browser helpers.
Who is affected
Microsoft 365 shops across Florida — especially hybrid teams that receive frequent Teams notifications and may click quickly without checking sender details.
Why it matters
Teams is now the default inbox for many businesses. A single compromised account spreads phishing to every partner and client in the user's recent threads.
Recommended actions
- Inspect the sender domain carefully; legitimate Teams messages come from Microsoft-owned domains, not look-alike addresses.
- Open Teams directly from the desktop or mobile app instead of clicking email links to listen to voicemails.
- Block or restrict unapproved browser extensions that claim to enhance Teams or Outlook.
- Enable phishing-resistant MFA and review risky sign-in reports weekly.
Official reference
Need help implementing these protections?
ITNS provides managed IT, cybersecurity, and compliance support across Florida. Tell us about your environment — we will help you prioritize what matters most for your team.
Disclaimer: This advisory is for general awareness only and does not constitute legal or compliance advice. Every environment is different — contact ITNS for guidance specific to your business.