We have identified a fresh phishing scheme that specifically targets Microsoft Teams users who require access to payroll files. When a button is pressed, the phishing attack’s landing page at payroll-microsoft365-access-panel-2023[.]softr[.]app/ redirects to azaleastays[.]com/devr365web2023.
Users are prompted to input their login information on the landing page in order to access their payroll files, which has the appearance of a genuine Microsoft Teams login page. The phishing website, on the other hand, is made to steal users’ login information and compromise their accounts.