A scenario that security professionals are seeing with increasing frequency: an employee receives a Microsoft Teams message on a Friday afternoon from what appears to be the internal IT department. The message is flagged as external, but the worker accepts it anyway. Within minutes, the “IT technician” on the other end has convinced the target to approve a multi-factor authentication prompt, and the compromise is already underway.
Unit 42 researchers have documented this pattern in a report published June 8, 2026, highlighting how trusted collaboration platforms are being systematically weaponized by threat actors who recognize that users apply far less scrutiny to Teams messages than to email.
A Measurable Shift Toward Collaboration Tool Phishing
The numbers reflect a structural change in attacker behavior. According to Unit 42, phishing alerts originating from collaboration tools represented 42% of all phishing alerts recorded in Cortex during the first four months of 2026, up from 30% in the preceding four-month period. Researchers attribute the shift in part to the maturation of email defenses: gateways are more capable, and years of phishing simulation training have conditioned users to treat unsolicited email with suspicion. That same skepticism has not transferred to platforms like Microsoft Teams.
Known Threat Groups Already Operational
Two specific campaigns illustrate how far this tradecraft has advanced.
- Cloaked Ursa (APT29, Cozy Bear, Midnight Blizzard): Unit 42 reported in late 2024 that this Russian-linked group leveraged compromised accounts to send Teams messages containing malicious links redirecting victims to credential harvesting pages designed to mimic Microsoft login portals.
- UNC6692: In December 2025, a group tracked by Mandiant as UNC6692 used Teams to impersonate IT helpdesk personnel, convincing employees to accept chat invitations from accounts outside their organization.
How Attackers Establish Apparent Legitimacy
Unit 42 outlines several techniques used to mask attacker identity within the Teams environment.
- Typosquatted domains that closely resemble trusted vendor or internal naming conventions.
- Microsoft 365 tenants with no prior affiliation to the target, deliberately named to mimic IT support, security teams, or managed service providers.
- Compromised legitimate partner or service provider accounts, which bypass the need for impersonation entirely by exploiting existing trust relationships.
A key enabler is that Teams federation is enabled by default in many organizations, permitting external tenants to initiate chats unless explicitly restricted by policy. Microsoft Teams does present visual indicators when a sender is external, and an impersonation protection feature adds further warnings, but researchers note that the final determination still rests with the user.
Recommended Defenses
Unit 42 recommends a layered approach combining configuration hardening with updated user awareness training.
- Restrict external access settings: Review and tighten policies controlling whether unmanaged or personal Teams accounts can contact users in the organization. Disable federation with tenants that serve no legitimate business purpose.
- Update awareness training: Workers should be explicitly taught that Teams messages can originate from outside the organization. Training scenarios should include unsolicited IT support messages, requests to approve MFA prompts, and instructions to reset credentials.
- Verify out-of-band: Users should be trained to confirm unexpected outreach through a separate channel, such as a help desk phone number or internal ticketing system, before acting on any request received through a chat platform.
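One way to apply the "restrict external access settings" step with the MicrosoftTeams PowerShell module, as an added example that is not part of the Unit 42 report; it assumes an existing Connect-MicrosoftTeams session with a Teams administrator role, and the partner domain names are placeholders:

```powershell
# Added example (not from the Unit 42 report): tightening Teams external access
# with the MicrosoftTeams PowerShell module. Domain names are placeholders.
# Requires: Install-Module MicrosoftTeams; Connect-MicrosoftTeams (Teams admin role).

# 1. Audit the current state. A permissive tenant typically shows
#    AllowFederatedUsers=True with AllowedDomains=AllowAllKnownDomains and
#    AllowTeamsConsumer / AllowTeamsConsumerInbound=True, i.e. any tenant or
#    personal account can open a chat with your users.
$before = Get-CsTenantFederationConfiguration
$before | Select-Object AllowFederatedUsers, AllowedDomains, BlockedDomains,
                        AllowTeamsConsumer, AllowTeamsConsumerInbound, AllowPublicUsers

# 2. Block chats from unmanaged (personal) Teams accounts and Skype users,
#    the accounts an attacker can create without standing up a tenant.
Set-CsTenantFederationConfiguration -AllowTeamsConsumer $false `
                                    -AllowTeamsConsumerInbound $false `
                                    -AllowPublicUsers $false

# 3. Replace "all known domains" federation with an explicit allow list of
#    tenants that have a business relationship with the organization.
#    A freshly created tenant named to look like IT support is then unable
#    to reach users no matter how convincing its display name is.
$partners  = @('partner-msp.example', 'vendor.example')   # placeholders
$patterns  = $partners | ForEach-Object { New-CsEdgeDomainPattern -Domain $_ }
$allowList = New-CsEdgeAllowList -AllowedDomain $patterns
Set-CsTenantFederationConfiguration -AllowFederatedUsers $true -AllowedDomains $allowList

# 4. Re-read the configuration and fail loudly if anything is still open.
#    (Assumption: the AllowedDomains object renders as "AllowAllKnownDomains"
#    when federation is unrestricted, as shown in Microsoft's cmdlet output.)
$after = Get-CsTenantFederationConfiguration
if ($after.AllowTeamsConsumerInbound -or $after.AllowPublicUsers) {
    throw 'Unmanaged or public accounts can still initiate chats.'
}
if ([string]$after.AllowedDomains -match 'AllowAllKnownDomains') {
    throw 'Federation is still open to every known domain.'
}
'External access restricted to: ' + ($partners -join ', ')
```

Run the audit step on its own first; the output it prints is the evidence to attach to the change request, and the allow list should be reconciled against the organization's actual vendor and MSP relationships before step 3 is applied.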
The broader takeaway from the Unit 42 analysis is that attackers are not exploiting a vulnerability in Teams itself. They are exploiting permissive defaults and the misplaced trust users extend to internal-looking tools. Shifting the defensive burden away from individual user judgment and toward enforced policy controls is the more durable solution.
