The Tabs feature in Microsoft Teams provides users with convenient access to various tools, including OneDrive. As default tabs cannot be rearranged, users may grow accustomed to their presence and use them without suspicion. However, cybercriminals can manipulate the default tabs by substituting legitimate ones with malicious ones. For instance, a seemingly harmless “Website” tab could redirect users to a malicious landing page where their Office 365 credentials could be compromised.
In addition to manipulating tabs, hackers can also modify the functionality of the Website tab to prompt automatic downloads of malicious files upon clicking. This presents an opportunity for cybercriminals to deliver droppers, which can serve as vehicles for malware distribution.
