Why Microsoft Teams users globally must be careful when contacted by their company’s ‘IT staff’

Cybercriminals are using Microsoft Teams to impersonate corporate help desk staff and deploy BlackBasta ransomware. They trick employees into installing remote access tools by posing as IT support through deceptive external user accounts. This sophisticated method allows these attackers to gain network access and launch ransomware attacks against corporations globally.