Let me tell you about a phone call that didn’t happen the way it looked.

A user at a mid-sized accounting firm gets bombarded with spam emails — hundreds of them, registration confirmations and newsletter sign-ups flooding her inbox in under an hour. Then a call comes through Microsoft Teams. The display name reads “IT Support.” The person on the other end is calm, professional, and helpful. They explain there’s a problem with her account, probably the source of all this email chaos, and they just need to take a quick look at her computer to sort it out.

She says yes.

Three minutes later — Cynet’s threat operations team clocked it at three minutes — the attackers have remote access, a backdoor installed, and persistent control of a machine sitting inside a company that handles client financial data.

The attacker was not an employee of the firm. The “IT Support” display name came from an external Microsoft 365 tenant with a name like HelpDeskWindowsFamily.onmicrosoft.com. The tool they used to get in — Quick Assist — was already sitting on the Windows machine. Built right in. No download required.

Here’s the part I keep thinking about.

That attack succeeded because it looked exactly like what MSPs do every day. The email flood creates urgency. The Teams call creates authority. The remote access request feels routine. Most of your clients have let you into their machine via Quick Assist or AnyDesk or whatever remote tool you use. It’s normal. It’s expected. It’s your job.

The attackers know that. They’re counting on it.

They’re Using Your Playbook

Microsoft’s Detection and Response Team (DART) published their write-up on this campaign in mid-March after tracking it through late 2025 and into 2026. The threat actor, tracked as Storm-1811, has been running Teams-based voice phishing since at least May 2024. They’ve gotten very good at it.

The playbook has a few steps that are worth understanding:

First, the email bomb. The user gets subscribed to hundreds of legitimate services at once, flooding their inbox and creating the conditions for someone to reach out and “help.” It’s not a bug in the attack. It’s the opening move.

Then the Teams call from an external domain. Microsoft allows users to receive calls from outside their organization by default. The attacker picks a display name that sounds like internal IT. Users see “IT Support” and their guard drops before they’ve asked a single question.

Then Quick Assist. It’s a built-in Windows remote access tool, which means no download, no alert, no unusual process running. The user clicks a few buttons they’ve clicked before when their actual MSP was helping them. The attacker is in.

From there it moves fast. DLL sideloading, backdoor installation, credential harvesting. The Cynet team observed attackers targeting as few as two users before landing a successful compromise. This is not a wide-net spam operation. It’s targeted and efficient.

Why MSPs Are the Vulnerable Middle

Here’s what I mean when I say this attack weaponizes the MSP relationship.

You have trained your clients to trust unexpected calls from someone claiming to be their IT support. Not intentionally. But you’ve built a culture where “IT called, they need access to my machine” is a totally normal Tuesday. That’s not a failure of your clients. That’s the byproduct of a good support relationship.

The attacker walks through a door you built.

The Cynet write-up is blunt about this: “Teams vishing is particularly dangerous for the MSP model because it weaponizes the helpful, ‘always-on’ relationship you strive to build with your clients.”

Read that again.

What makes you valuable — the always-on helpfulness, the “just call us” culture — is the same thing that makes your clients vulnerable to someone pretending to be you. And if an attacker gets into a client environment through a fake IT support call, the first thing investigators are going to ask is who had remote access to that machine. Your relationship with the client doesn’t start looking protective. It starts looking suspicious.

That’s not fair. But it’s the situation.

What You Can Actually Do

Restricting Teams external communication is the blunt instrument, and some of it is worth swinging. Microsoft recommends an allowlist approach for external domains — only allow inbound Teams calls from organizations your clients actually work with. For most SMB clients, that list is short.
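Here is the allowlist idea, combined with the external-tenant and "IT Support" display-name pattern from the playbook above, as a triage check over inbound call records. This is an added example, not code from the original post or from Microsoft. The record fields, the `.example` domains and the keyword list are assumptions; the tenant name is the one quoted earlier.

```python
import re
import unicodedata

# Assumptions (constructed values): the client's own domain and its short partner allowlist.
HOME_DOMAIN = "acctfirm.example"
ALLOWED_DOMAINS = {"partner-cpa.example", "bank.example"}
# Illustrative help-desk wording; \b stops "Credit Support" matching "it support".
IT_NAME = re.compile(r"\b(?:it support|help ?desk|service desk|tech support)\b")

def domain_of(address: str) -> str:
    """Lower-cased domain part of a user@domain address."""
    return address.rsplit("@", 1)[-1].strip().lower().rstrip(".")

def is_allowed(domain: str) -> bool:
    """Exact or true-subdomain match, so evilbank.example never passes as bank.example."""
    return any(domain == a or domain.endswith("." + a) for a in ALLOWED_DOMAINS)

def looks_like_it(display_name: str) -> bool:
    """Fold compatibility forms (full-width letters, no-break spaces) and separators first."""
    name = unicodedata.normalize("NFKC", display_name).lower()
    return bool(IT_NAME.search(re.sub(r"[\s_.\-]+", " ", name)))

def triage(event: dict) -> str:
    """Classify one inbound Teams call record: internal, allow, block or alert."""
    domain = domain_of(event["caller"])
    if domain == HOME_DOMAIN:
        return "internal"
    if is_allowed(domain):
        return "allow"
    # External and not allowlisted: an IT-sounding name is the impersonation pattern.
    return "alert" if looks_like_it(event["display_name"]) else "block"

# Constructed sample records; field names are hypothetical, not a Microsoft log schema.
SAMPLE = [
    {"caller": "admin@HelpDeskWindowsFamily.onmicrosoft.com", "display_name": "IT Support"},
    {"caller": "jo@partner-cpa.example", "display_name": "Jo Rivera"},
    {"caller": "x@evilbank.example", "display_name": "Help-Desk"},
    {"caller": "sam@acctfirm.example", "display_name": "IT Support"},
    {"caller": "sales@vendor.example", "display_name": "Pat Lee"},
    {"caller": "ana@teams.bank.example", "display_name": "Ana"},
]

def run(events=SAMPLE):
    """Return one verdict per record, in order."""
    return [triage(e) for e in events]

if __name__ == "__main__":
    for e, verdict in zip(SAMPLE, run()):
        print(f"{verdict:8} {e['display_name']!r:14} {e['caller']}")
```
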

Quick Assist is a different conversation. It’s legitimately useful. But in a world where attackers are using it as an entry point, you need a policy. Either you’re the only entity that ever uses it, or you disable it and redirect everything through your own vetted remote access tooling. Half-measures don’t work here.

The email bombing piece is trickier. There’s no clean way to stop someone from subscribing your client to a bunch of legitimate newsletters. But you can train your clients to treat sudden inbox floods as a red flag rather than a nuisance — specifically, to call you back through a number they already have, not to accept incoming help from whoever shows up claiming to fix it.

That callback verification piece matters more than any technical control. If your client’s instinct is “someone offering to help me with IT just called, let me first verify they’re actually from my MSP,” you’ve won. If their instinct is “great, I’ll just let them in,” you haven’t.

And that instinct comes from you. From how you train them, how you set expectations, and whether you’ve ever had the conversation that sounds like: “If you ever get an unexpected Teams call from someone claiming to be IT support, hang up and call us directly.”

A lot of MSPs haven’t had that conversation. Have it now.

The Other Piece of This Week’s Picture

While the vishing campaign was running, Huntress spotted a separate but related threat — OAuth device code phishing targeting over 340 Microsoft 365 organizations across five countries. That campaign started in February, uses Cloudflare Workers and Railway.com infrastructure, and extracts M365 access tokens without requiring victims to type a password anywhere visible.

Cole has the technical breakdown here. Read it. The two campaigns aren’t directly linked, but they’re running simultaneously against the same target pool: M365 environments with human users who trust technology they don’t fully understand.

That’s most of your clients.

This week made it pretty clear that attackers have figured out that the weakest point in most Microsoft 365 environments isn’t a software vulnerability. It’s a person who trusts people who sound helpful. You’ve spent years building that culture of trust. Now you have to build a layer of healthy skepticism inside it.

Those two things can coexist. They have to.


Got a Teams vishing story you’ve seen in the field? Send it my way. The details always matter more than the headlines.