We are a managed service provider (msp).
01110100 01101000 01101001 01101110 01101011 00100000 0100100100101110 01010100 00101110

About

Resources

Managed IT Services and Support

Careers

Contact us

+

Book a consult — Book a consult —

Microsoft Teams Phishing: Beyond Email Scams

05/03/2026

Phishing scams are no longer limited to email. Attackers are now using Microsoft Teams to target New Zealand businesses.

We are a managed service provider (msp).

New Zealand businesses are being targeted by a new type of phishing scam that uses Microsoft Teams rather than email, with scammers posing as trusted support contacts to gain access to devices.

What is this scam?

Most people are familiar with phishing emails. In this newer variation, scammers contact people directly through Microsoft Teams calls or messages.

They may claim to be:

  • Someone from an IT or technical support team,
  • A colleague, supplier, or trusted contact, or
  • “Microsoft Support”

Because the contact happens inside a tool many people use every day for work, it can feel more trustworthy than an unexpected email. Scammers often create urgency, saying there is a serious problem with your account, device, or security.

Their aim is to persuade you to install remote support software or approve remote access. If access is granted, they may be able to view files, steal information, or take control of the device.

Why this matters

This is best described as phishing through collaboration apps. It does not rely on exploiting software flaws, but on social engineering: tricking people into trusting the request.

While recent reported cases have not resulted in confirmed system compromise, this scam technique is becoming more common and is expected to continue as attackers move away from traditional phishing emails that are easier to detect.

How to protect yourself

You can reduce your risk by following these simple guidelines:

  • Be cautious of unexpected Teams calls or messages, especially those involving technical issues or security warnings.
  • Do not install software or allow remote access unless you have personally requested support and verified who you are dealing with.
  • Remember, Think I.T. and Microsoft do not initiate unsolicited support calls through Teams.
  • Report anything suspicious immediately to our support team.
  • Have us review your settings. Policies change all the time and drift can occur, have us review them and see if it aligns with your security goals.

Our advice

Education is the strongest defence against this type of scam. If something feels unusual or rushed, pause and verify before taking action. In recent incidents, users who questioned the call and reported it early prevented any damage from occurring.

If you have any concerns or would like help reviewing your security settings, please contact our team.

See our services

Managed ServicesMulti-factor Authentication (MFA) Mail ProtectionManaged Print ServicesSecurity Information and Event ManagementManaged Wi-FiDomain HostingPenetration TestingPassword Manager
EDR (Security) SolutionSecurity Education SolutionData ProtectionManaged FirewallDNS FilteringPhone SystemsWebsite HostingMedtech OptimisationMobile Device Management
© 2026 think i.t.
About Us
Managed IT Services and Support
Careers
Contact us
Resources
IT News
IT Case Studies
IT Blog
Facebook
LinkedIn
#
Privacy Policy
Terms & Conditions
We are a managed service provider (msp).
01110100 01101000 01101001 01101110 01101011 00100000 0100100100101110 01010100 00101110
CREATED BY 
THE WEB GUYS