This makes sense. How often do your coworkers send you something in a Teams chat and you simply click on it? Have you considered the possibility that it wasn’t actually your coworker but someone who was able to gain access to their account?
Although the attack is quite simple, it may also be very efficient because many users trust files received over Teams, Avanan researchers say.
I’ll be honest, this one would be hard to stop once someone managed to get credentials. Not many users have been taught to think twice before clicking on a file shared by their peers. Maybe we should start doing that?