Russian ransomware hackers increasingly posing as tech support on Microsoft Teams - The Cyber Post

Russian cybercriminals are using Microsoft Teams to pose as tech support, tricking victims into installing ransomware. The attackers, possibly linked to Storm-1811 and FIN7, exploit default Microsoft Teams settings to initiate chats or meetings with internal users. Organizations are advised to restrict Teams calls from outside organizations and remote access applications to mitigate this threat.