If you dread a Microsoft Teams invite, just wait until it turns out to be a Russian phish

Digital thieves – quite possibly Kremlin-linked baddies – have been emailing out bogus Microsoft Teams meeting invites to trick victims in key government and business sectors into handing over their authentication tokens, granting access to emails, cloud data, and other sensitive information.

According to Microsoft, this con job have been ongoing since August 2024 and is attributed to a group it tracks as Storm-2372, a bunch of miscreants "working toward Russian state interests."

Other such Kremlin-orchestrated crews, including Cozy Bear aka Midnight Blizzard, have also used Teams chats to phish marks in similarly high-value sectors, the Windows giant has warned in the past.

In this most recent phishing blitz, Storm-2372 targeted government, non-governmental organizations, IT services and technology, telecommunications, health, higher education, and energy/oil and gas across Europe, North America, Africa, and the Middle East, Redmond said this week.

The campaign uses a technique called "device code phishing" that attempts to ...