
Cybercriminals are escalating their attacks by moving beyond email to leverage platforms like Apple iCloud Calendar, Microsoft Teams, and popular recruitment channels. According to KnowBe4, the latest scams exploit a false sense of urgency and familiarity to trick users into compromising their data.

“The threat landscape has shifted. Attackers are no longer just living in your inbox; they are weaponising the collaboration tools and consumer apps we trust most,” says Anna Collard, SVP of Content Strategy and CISO Advisor at KnowBe4 Africa. “These new tactics exploit a user’s instinct to panic when they see an urgent charge alert or receive a high-authority call from ‘IT Support.’ That immediate rush to action is exactly what compromises their security.”

Trending Scams Exploiting Trust

KnowBe4 details the current tactics bypassing traditional cyber-defences:

  • Apple Calendar Phishing: A genuine iCloud Calendar invite contains a shocking, phony purchase message (like a large PayPal charge) in the notes. The victim is directed to call a ‘support’ number, which connects directly to a scammer intent on stealing personal information and money.
  • Fake Teams ‘IT Support’ Calls: Scammers exploit default settings in Microsoft Teams to call users using an “IT SUPPORT” display name. The criminal pressures the victim to download remote access software, allowing them to steal passwords or install malware on the company network.
  • Workspace Tool Attacks: Phishing is now common across collaborative software:
    • Google Drive: Attackers tag a user in a malicious file, triggering a legitimate Google notification containing a link to the malicious content.
    • Teams Lurking: Scammers gain access to an organisation’s Teams channel, patiently gather data, and wait for a perfect moment to deploy a malicious ZIP file.
    • Phony Zoom Notifications: Fake ‘missed meeting’ emails lure users to a deceptive login page to steal credentials.
  • Deceptive Job Offers: Scammers target professionals with too-good-to-be-true offers (e.g., from Netflix HR). The link directs them to a phony profile creation page, often demanding they log in via their personal social media accounts, instantly stealing those credentials.

Actionable Advice for Defence

Collard stresses that users must adopt a Stop, Look, and Think approach to defend against these non-traditional scams.

  • Be Suspicious: Treat any unexpected communication, especially one that creates urgency about money or system security, with extreme caution – regardless of the platform.
  • Verify Directly: Never call a number or click a link provided in a suspicious message. If you are concerned about a charge or alert, log in to the service (like PayPal, Google, or your corporate IT portal) directly through the official website or app.
  • Delete Unknown Invites: Do not accept or decline unexpected calendar invites, as either response confirms to the scammer that your email is active. Simply delete the email.
  • Block Remote Access: Never give screen-sharing access or remote control of your computer to someone you cannot personally verify as legitimate IT staff.