Black Basta Uses Microsoft Teams for Phishing Attacks
/ 1 min read
💻🔒 Ransomware Group Black Basta Exploits Microsoft Teams for Phishing Attacks. A new threat campaign attributed to the ransomware group Black Basta involves flooding users’ mailboxes with spam emails before posing as IT support on Microsoft Teams to gain unauthorized access. The attackers create a fake Microsoft 365 tenant, send benign spam emails, and then initiate chats with victims, convincing them to use remote management tools to provide access. To combat this, organizations are advised to monitor for spikes in spam emails, suspicious Teams communications, and implement anti-spam policies. Additionally, disabling external Teams communication and enabling logging for chat events can enhance detection and prevention efforts against these phishing tactics.
