How to protect against malware in teams

Microsoft Teams is increasingly being used as a collaboration solution in companies. Many of our customers are also already successfully using Teams for internal and external corporate communications.

Latest Malware Warning

According to a warning from cybersecurity company Check Point (formerly Avanan), there are currently more malware attacks on teams. The chat function in particular is being used as an entry point. We show you what you can do now.

Beware of User Centric.exe & Co. 

Since January 2022, there have been more than 1,000 malware attacks on Microsoft Teams, according to Avanan's Jeremy Fuchs. Cybercriminals attach an executable program file to a chat message. This file is very often called "User Centric.exe." However, other file names are also possible. In any case, there is a Trojan behind the program. The malware installs itself as soon as chat users click on it. Then further parts of the program are downloaded. The goal is to take control of the computer with admin rights. 

Attacks run through access to the Microsoft Teams account

In order for cybercriminals to attack, you need to gain access to a Microsoft Teams account. Various methods are used here. For example, partner organizations are compromised and chats between the individual organizations are intercepted. Or email addresses are spoofed and used for Teams access. Microsoft 365 credentials can be stolen from a previous phishing campaign. This opens up access to the Office suite.

Protective measures and awareness

Many employees have confidence in teams. This is the purpose of teams, and thus also important and correct, in order to be able to act and work together in an uncomplicated manner. In contrast to the verifiability of email identities, Teams users do not know how to check the authenticity by name and photo within a Teams chat. Therefore, the following measures are recommended to secure your IT department:

• Additional protection, which downloads all files in a sandbox and scans them for malicious content. One way to do this is with Microsoft 365 Defender - learn more ►

• Protect identities with multi factor authentication (MFA).  With it, you can fend off 99% of all cyberattacks.
  Everything is explained clearly in the video - learn more ► 

• Raise awareness among employees and encourage them to contact the IT department as soon as a suspicious file appears - not only in emails.

We offer you optimal malware protection, also for your teams Solution

As a Darktrace partner, we are ideally equipped to support your organization with the latest AI-powered cybersecurity technologies. The self-learning technology independently detects, investigates and responds to even the latest sophisticated cyber threats. 

Also take advantage of our security workshops adapted to the latest security issues. 

Our contribution refers to the article by René Jaun in the swisscybersecurity.net