Check Point Email Security | Blog

Microsoft Teams: The New Red Phone

Written by Jeremy Fuchs | March 22, 2022

For decades, world leaders communicated via a secure line, the infamous red phone.

Now, they communicate via Microsoft Teams?

Sort of. Here's the story: The British Defense Secretary, Ben Wallace, was on a Teams call with the Ukrainian Prime Minister. Except he wasn't. The call was from an imposter. Here's what happened.

-Someone posing as an aide at the Ukrainian embassy in London sent an email to a governmental department, which later was forwarded to the Ministry of Defense.

-A Teams video call was set up 

-After about ten minutes, the Defense Secretary figured out it was a hoax.

There was also a similar call held between the imposter and the Home Secretary.

As a reminder: a Teams call is inherently not secure. Anyone can impersonate anyone on Teams. All they have to do is create a spoofed account. In this case, someone created a spoofed email as well as a spoofed Teams account. Any user can invite others to join a Teams call, whether inside or outside the company. Profiles are the only indicators of identity, and can be edited by the end-users at any time. 

Compromises can happen anywhere. They can happen in your business and they can certainly happen at governmental levels. Leveraging top-notch security for all the places where you communicate--including Teams--has never been more important.