That Help Desk Messaging Your Users on Teams Is Not Yours
TL;DR
- By default in Microsoft 365, any external user can search for your users in Teams, confirm the account exists, and start a chat with them.
- The current Teams phishing playbook floods a user's inbox with newsletter spam, then poses as help desk over Teams chat offering to fix it.
- Quick Assist ships enabled on every Windows device, which gives attackers a preinstalled remote access tool to request during the fake support session.
- As of November 2024, Microsoft shows impersonation warnings on suspicious external Teams chats, but users can still click straight through them.
- Restricting external Teams chat to whitelisted organizations removes the attack's entry point entirely.
A user gets a Teams message from "Microsoft Security Team" offering to fix the spam suddenly flooding their inbox. The display name looks right. The domain looks right at a glance. Twenty minutes later an attacker has a remote session on their laptop.
None of that required a single compromised account in your tenant. It works because Microsoft 365 lets external users open Teams chats with your users by default. This post walks through the kill chain and a four-control runbook to shut it down.
How the fake help desk attack works

A typical run of this attack looks like this:
- The attacker sets up a new Microsoft 365 tenant to look like a legitimate, trusted organization.
- Knowing a user's email address, they sign that user up for dozens of newsletters, flooding the inbox with spam.
- They reach out in Teams chat impersonating a help desk member offering to fix the spam problem. Default Microsoft 365 settings allow any external user to start that chat.
- They talk the user into accepting a remote access session via Quick Assist (a remote access tool natively installed on Windows), ScreenConnect, TeamViewer, or similar.
- With hands on the device, they tamper with protections like antivirus, install malicious payloads, or walk the user through an adversary-in-the-middle flow to compromise the account further.
The spam flood is the clever part. It manufactures the exact problem the fake help desk then offers to solve.
What Microsoft 365 allows out of the box
With default settings, any user anywhere can search for an external email address in Teams and learn whether that account exists.

Found and available to chat:

Not found:

Users who receive messages from non-whitelisted external participants do get a consent warning before the chat opens. Given the average user's track record with warning screens, expect plenty of them to click straight through.
Microsoft has also added a layer of its own. As of November 2024, Teams shows default warnings when Microsoft suspects a chat is phishing or impersonation:

In this example, the attacker set their display name to "Microsoft Security Team" and used a domain that reads like Microsoft.com but is actually Mircosoft..com. Useful signal, but the user can still bypass the screen themselves, which is not where you want your defense to end.
Four controls that break the kill chain
Control 1: Whitelist external chat instead of allowing it all
The strongest move is blocking external users from chatting with your organization unless they are approved and whitelisted.

Microsoft documents both scenarios:
- Managed organizations: manage external meetings and chat with trusted Microsoft 365 organizations (opens in new tab)
- Unmanaged organizations: manage chats and meetings with external Teams users not managed by an organization (opens in new tab)
Control 2: Remove the remote access tools you do not use
Quick Assist is enabled by default on Windows devices and features heavily in this attack, but any remote access tool works: ScreenConnect, TeamViewer, AnyDesk. Make sure only your approved remote access tool is enabled on the device and remove the rest.

Microsoft's guidance for removal: Disable Quick Assist within your organization (opens in new tab).
You can also hunt for the pattern in Defender. This KQL query surfaces external one-on-one Teams chats followed by suspicious RMM activity on the same user:
let interestingUsers = DeviceProcessEvents
| where Timestamp > ago(1h)
| where isnotempty(InitiatingProcessAccountObjectId)
| where FileName has_any ("quickassist.exe", "anydesk.exe", "teamviewer_service.exe") // Multiple RMM tools can be abused here
| project InitiatingProcessAccountUpn;
CloudAppEvents
| where Timestamp > ago(1d)
| where Application == "Microsoft Teams"
| where ActionType == "ChatCreated"
| where isempty(AccountObjectId)
| where RawEventData.ParticipantInfo.HasForeignTenantUsers == true
| where RawEventData.CommunicationType == "OneOnOne"
| where RawEventData.ParticipantInfo.HasGuestUsers == false
| where RawEventData.ParticipantInfo.HasOtherGuestUsers == false
| where AccountId has "@"
| extend TargetUPN = tolower(tostring(RawEventData.Members[1].UPN))
| where TargetUPN in (interestingUsers)
| extend VictimTenant = tostring(RawEventData.OrganizationId)
| extend AttackerTenant = RawEventData.Members[0].OrganizationId
| extend AttackerUPN = RawEventData.Members[0].UPN
| extend AttackerName = RawEventData.Members[0].DisplayNameControl 3: Turn on tamper protection
Tamper protection in Microsoft Defender for Endpoint and Defender for Business stops security settings, such as virus and threat protection, from being disabled or changed. If the attacker does reach the device through a remote session, this blocks the next move: turning off AV and dropping malware or ransomware.
You can enable it from the Security admin center or Intune. It does require devices to be enrolled in Defender for Business or Defender for Endpoint.

Documentation: Protect security settings with tamper protection (opens in new tab).
Control 4: Teach users what a real help desk never does
Tech support scams belong in your security awareness training, for your team and your customers' end users. Microsoft maintains a solid primer on what to watch for: Protect yourself from tech support scams (opens in new tab).
Where this runbook ends and defense in depth begins
These four controls cover the specific kill chain, not everything an attacker can try. Evaluate your security stack for the additional layers that compound them:
- Ensuring users are not local admins on their devices
- Link and attachment protections in Defender for Office 365
- Application whitelisting and elevation control on devices
- Phishing-resistant MFA
Each one makes a different step of the attack more expensive. Stack enough of them and the fake help desk moves on to an easier tenant.
Frequently asked questions
Does Microsoft warn users about phishing in Teams chats?
Partially. As of November 2024, Microsoft displays a warning when it suspects an external chat is phishing or impersonation, and users see a consent prompt before chatting with non-whitelisted external participants. Both screens can be bypassed by the user, so they reduce risk without removing it.
Should every organization block external Teams chat completely?
Block it by default and whitelist the organizations you actually work with. Most businesses chat externally with a handful of known partners, so an allowlist costs little and removes the entire initial access vector for this attack.
Why does tamper protection matter for a Teams phishing attack?
Once an attacker has a remote session on the device, the next move is disabling antivirus before dropping a payload. Tamper protection in Defender for Endpoint and Defender for Business prevents security settings from being switched off, which stalls the attack even after the user has been fooled.
Is external Teams chat still wide open in your tenants?
CloudCapsule flags risky collaboration defaults like open external Teams access across every tenant you manage, with remediation steps and the end-user comms to go with them. 250+ controls, 60 seconds.
Run a free scan
Written by
Nick Ross
CEO · Microsoft MVP · Founder, T-Minus 365
Nick is not just a CEO, he's a respected thought leader and influencer in the MSP space. Tens of thousands of MSPs learn through his YouTube channel, T-Minus365. Nick has been honored as a three-time Microsoft MVP for his educational content; his expertise and influence are the backbone of our mission, ensuring that you are in the best hands when it comes to security.
Nick joined Pax8 in 2017, where he would ultimately oversee product management for PSA and Microsoft integrations. Following his tenure at Pax8, Nick has continued to demonstrate his leadership prowess as an executive at various MSPs, culminating in his most recent role at Sourcepass.
Nick holds a Bachelor's Degree in Business Management from Florida State University, as well as a Minor Degree in Entrepreneurship. In his free time, Nick is an avid hiker, reader, and fitness-junkie.


