Fast and efficient collaboration is essential to today’s business, but the platforms we use to communicate with colleagues, vendors, clients, and customers can also introduce serious risks. Looking at some of the most common collaboration tools — Microsoft Teams, GitHub, Slack, and OAuth — it’s clear there are dangers presented by information sharing, as valuable as that is to business strategy.

Any of these, if not safeguarded or used inappropriately, can be a tool for attackers to gain access to your network. The best protection is to ensure you are aware of these risks and apply the appropriate modifications and policies to your organization to help prevent attackers from gaining a foothold in your organization — that also means acknowledging and understanding the threats of insider risk and data extraction.

Attackers often know your network better than you do. Chances are, they also know your data-sharing platforms and are targeting those as well. Something as simple as improper password sharing can allow a bad actor to phish their way into a company’s network and collaboration tools can present a golden opportunity.

Here are some of the most popular collaboration platforms and how to become more aware of and help mitigate the threats that can affect them.

Microsoft Teams

As defined by Microsoft, Teams “is the chat-based workspace in Office 365 that integrates all the people, content, and tools your team needs to be more engaged and effective.” Because it’s so widely used, attackers also see it as a rich platform for attack — in August of 2023, Microsoft alerted that Teams was used in targeted attacks by the threat actor Midnight Blizzard.

Attackers sent files in Teams chat that ended up being credential phishing lures, compromising Microsoft tenants by posing as technical support entities. As Microsoft noted, “Midnight Blizzard leverages Teams messages to send lures that attempt to steal credentials from a targeted organization by engaging a user and eliciting approval of multifactor authentication (MFA) prompts.” The attackers lured the Teams user to submit their approval through the Microsoft Authenticator app.