We're hiring — IT Technician, Jacksonville areaView details & apply
← Back to Threats Log
HighPhishing· Published June 28, 2026

Fake Microsoft Teams Voicemail and Meeting Invites Delivering Malware

Attackers send emails that look like Teams voicemail notifications or external meeting invitations. Links lead to fake Microsoft sign-in pages or prompt users to install malicious 'Teams add-ons' and browser helpers.

Who is affected

Microsoft 365 shops across Florida — especially hybrid teams that receive frequent Teams notifications and may click quickly without checking sender details.

Why it matters

Teams is now the default inbox for many businesses. A single compromised account spreads phishing to every partner and client in the user's recent threads.

Recommended actions

  • Inspect the sender domain carefully; legitimate Teams messages come from Microsoft-owned domains, not look-alike addresses.
  • Open Teams directly from the desktop or mobile app instead of clicking email links to listen to voicemails.
  • Block or restrict unapproved browser extensions that claim to enhance Teams or Outlook.
  • Enable phishing-resistant MFA and review risky sign-in reports weekly.

Official reference

CISA Cybersecurity Advisories

Need help implementing these protections?

ITNS provides managed IT, cybersecurity, and compliance support across Florida. Tell us about your environment — we will help you prioritize what matters most for your team.

Disclaimer: This advisory is for general awareness only and does not constitute legal or compliance advice. Every environment is different — contact ITNS for guidance specific to your business.