- A fake Teams site delivers the Oyster malware via SEO poisoning and misleading advertisements
- The spoofed page imitates Microsoft's design, encouraging users to download malware
- Best defense: type known URLs directly, and avoid relying only on search results
If you are looking to install the Microsoft Teams platform, be very careful about how you access the download page, because experts have warned of a new malicious campaign that encourages people to download malware instead.
Blackpoint SOC security researchers have recently discovered a fraudulent Microsoft Teams download page hosted at Teams-Install[.]high. It looks almost identical to the legitimate Microsoft site, with color, design and fonts all resembling the real site.
However, instead of downloading the popular communication platform, victims receive the Oyster backdoor, a known piece of malware which gives attackers full access to the compromised endpoint.
SEO and malvertising campaign
The site is optimized for search engines, a practice known as “SEO poisoning”. People searching for “Teams download” (and probably a few other keywords) will find the spoofed site at the top of their search results, right next to the legitimate one.
If a user is not careful, it is easy enough to land on the wrong site and download malware instead of the real program.
To make matters worse, the attackers also managed to set up some advertisements on the internet, which also seem to appear at the top of search engine results.
SEO poisoning and malvertising campaigns like this work well because searching for known sites and programs, instead of typing the address into the browser's address bar, is fairly common behavior.
Many users treat Google as their “gateway” to the internet. For example, in 2024, YouTube was the most searched term on Google worldwide, followed closely by WhatsApp Web.
In the United States, Amazon led search trends after YouTube. All these platforms are recognized worldwide and are all accessible by typing their .com domain in the browser.
That is also the best way to defend yourself against SEO poisoning and malvertising: do not blindly trust search engine results, and navigate to as many sites as possible directly via your browser.
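Where defenders cannot count on every user typing the URL, web proxy logs can be checked for the pattern described above: a Teams-themed hostname that is not under a Microsoft domain, reached from a search results page. This is an added example, not code from the article or from Blackpoint; the log format, the allowlist, the keyword list and every hostname in the sample are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumptions: adjust these lists to your own environment.
ALLOWED_SUFFIXES = ("microsoft.com",)   # domains accepted for Teams downloads
SEARCH_ENGINES = ("google.com", "bing.com")
BRAND_KEYWORDS = ("teams",)             # brand terms to watch for in hostnames

# Constructed proxy log lines: "<timestamp> <user> <url> <referrer>"
SAMPLE_LOG = """\
2025-01-01T09:00:01Z alice https://www.microsoft.com/en-us/microsoft-teams/download-app https://www.google.com/search?q=teams+download
2025-01-01T09:02:14Z bob https://teams-download.example/MSTeamsSetup.exe https://www.bing.com/search?q=teams+download
2025-01-01T09:05:40Z carol https://teams.microsoft.com.example.net/get -
2025-01-01T09:07:02Z dave https://intranet.example.org/wiki/teams-howto https://www.google.com/
"""

def _under(host, suffixes):
    # Match on a label boundary so "notmicrosoft.com" and
    # "microsoft.com.example.net" do not pass as microsoft.com.
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in suffixes)

def is_allowed(host):
    return _under(host, ALLOWED_SUFFIXES)

def find_lookalikes(log_text):
    """Return brand-themed hosts outside the allowlist, with search context."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        _ts, user, url, referrer = parts
        host = (urlsplit(url).hostname or "").lower()
        if not host or is_allowed(host):
            continue
        # Only the hostname is inspected; "teams" in a path is not a signal.
        if any(k in host for k in BRAND_KEYWORDS):
            ref_host = urlsplit(referrer).hostname or ""
            hits.append({"user": user, "host": host,
                         "via_search": _under(ref_host, SEARCH_ENGINES)})
    return hits

if __name__ == "__main__":
    for hit in find_lookalikes(SAMPLE_LOG):
        print(hit)
```

Hits with `via_search` set are the ones that match the search-result delivery path the article describes and deserve the first look.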
Via BleepingComputer