Furthermore, Microsoft Teams meeting invites can be weaponized by threat actors. When creating an online meeting, the platform generates multiple links that are sent to invitees. By exploiting Teams API calls, attackers can replace these legitimate links with malicious ones, potentially leading users to compromised websites.
Alternatively, attackers can manipulate existing links within sent messages using the Teams API or user interface. In this case, the hyperlink displayed to victims remains unchanged, making it more challenging to detect the malicious URL behind it.