Phishing Attacks Target Executives via Microsoft Teams

ReliaQuest researchers describe an automated phishing campaign, likely run by former Black Basta affiliates, that combines mass email bombing with Microsoft Teams help-desk impersonation to rapidly gain remote access to senior executives' accounts; attackers moved from initial chat to executing malicious scripts in as little as 12 minutes and in March 2026 77% of observed attacks targeted executives.