A new vishing attack is targeting Microsoft Teams users, using tactics similar to phishing but with an added twist. The attackers, masquerading as tech support agents, contact victims claiming to help fix issues caused by malicious emails. They then convince the victim to download remote access apps, allowing them to install malware and gain control of their computer.
The attack was recently spotted by Trend Micro, which revealed how it unfolded: a flood of phishing emails was followed by a phone call from a supposed tech support assistant. The cybercriminal used this opportunity to install a PowerShell-based malware dropper, which ultimately fetched the DarkGate malware. Fortunately, the attack was interrupted before any data was stolen.
To avoid falling victim to such attacks, be cautious when someone asks you to download remote access tools, especially if they contacted you first without your consent. If you have a tech support issue, report it to your IT department or a trusted professional.
Source: https://www.makeuseof.com/cybercriminals-microsoft-teams-vishing