Phishing campaign is believed to have targeted 15,000 to 50,000 Office 365 users so far. Phishing emails are sent using the display name: “Theres new activity in Teams” to make it look like an automated notification from the messaging platform. The reply option called “Reply In Teams” leads the victim to a fake Microsoft login page where user credentials are harvested. A similar phishing campaign discovered in May spoofed notification from Microsoft Teams to harvest credentials. The use of Microsoft Teams has grown rapidly during the COVID-19 pandemic and shift to remote work.”]
Source: https://www.databreachtoday.com/phishing-campaign-mimics-microsoft-teams-alerts-a-15238