Microsoft Teams
Microsoft Teams has been named in 2 documented digital harm incidents. The most common harm domain is Fraud & Financial.
Documented Incidents
2WPP CEO impersonated via deepfake AI voice clone in failed corporate fraud attempt
The CEO of WPP, the world’s largest advertising company, Mark Read, was targeted by a deepfake scam involving an AI voice clone and a fake Microsoft Teams meeting. The fraudsters created a WhatsApp account using a publicly available image of Read and impersonated him during a virtual meeting with another senior executive. The scam aimed to solicit money and personal information from an agency leader but was unsuccessful. WPP confirmed the phishing attempt was prevented due to the vigilance of employees. The incident highlights the growing use of AI and deepfake technology in corporate fraud, with similar attacks targeting financial institutions and other organizations in recent years. WPP has also reported being targeted by fake websites using its brand name and is working with authorities to address the issue.
Axios software developer tricked by AI deepfake phishing attack leading to malicious package distribution
The Axios software package was hacked in an incident traced to a North Korean hacking group, UNC1069, which used AI deepfakes to impersonate company executives in a phishing scheme. Lead developer Jason Saayman revealed the attackers gained access to his NPM account and PC after tricking him into installing a remote access Trojan during a virtual meeting with AI-generated voices and faces. The breach occurred in late 2023, resulting in a malicious Axios version being briefly distributed for three hours, potentially infecting systems that auto-updated. UNC1069, active since 2018, has targeted cryptocurrency firms and IT companies using similar tactics. Security advisories were issued to mitigate the threat, as the attack highlighted the sophistication of AI-enabled phishing.