Two Cyber Attacks Your Team Could Fall For Right Now

Tom, Co-Founder at CREAVO
2026-07-02

Two new attacks are doing the rounds. Both are convincing. Both are catching businesses out, including businesses that consider themselves security-aware. Here is what they look like and how to stop your team from falling for either of them.

The Microsoft Teams Flooding Attack

This one starts in your inbox. A large volume of spam emails arrives in a very short window - dozens or hundreds of messages flooding in over a few minutes. It feels like something has gone seriously wrong.

Then, shortly afterwards, a message appears on Microsoft Teams. The sender claims to be from IT support. They say they have spotted the issue and can fix it. All they need is remote access to your machine.

This is the attack. The inbox flood is manufactured deliberately to cause panic and make the arrival of "help" feel credible. The Teams message is not from IT support, it is from an attacker who wants access to your system.

Once remote access is granted, the attacker can move quickly. They may install software, access files, steal credentials or lock you out of your own systems.

The Fake Azure Monitor Alert

The second attack works differently but is equally convincing. An alert arrives in your inbox from what appears to be Microsoft Azure Monitor, the real service that businesses use to track the health of their systems.

The sender address looks legitimate. It comes from a domain that appears to be Microsoft. There are no obvious spelling mistakes or suspicious links in the body of the email. Most spam filters let it through without flagging it.

The email asks you to click a link to review or resolve an alert. That link does not go to Microsoft. It goes to an attacker-controlled page designed to capture your login credentials or install malicious software.

What makes this attack particularly effective is the absence of the usual warning signs. Businesses that have trained their teams to spot phishing emails may miss this one because it looks exactly like the kind of alert they would expect to receive.

Why Both Attacks Work

These two attacks succeed for the same reason - they are designed to make you act before you think.

The Teams flooding attack creates a sense of panic and then provides an immediate solution. The Azure alert arrives in a calm, official format that does not trigger suspicion. In both cases, the attacker is relying on your instinct to respond quickly to what looks like a real problem.

Neither attack requires sophisticated technology to work. They require a business that has not briefed its team on what to look for.

What Your Team Should Do

If a large volume of spam lands in your inbox and someone contacts you on Teams claiming to be IT support, do not grant access. Contact your IT provider directly using a number or contact method you already have, not one provided in the message.

If you receive an alert from Microsoft Azure Monitor and you are not sure whether it is genuine, do not click the link. Log in to your Azure portal directly by typing the address into your browser, or call your IT support team to check.

The golden rule for both: if something unexpected arrives and asks you to act, verify it through a channel you already trust before you do anything.

How Creavo Helps Businesses Stay Protected

Creavo provides managed IT support for owner-led businesses without an internal IT department across the South of England and Midlands. Part of that support is keeping your team briefed on the threats that are active right now - not just the ones from three years ago.

If you would like to talk about how your business is currently protected against social engineering attacks like these, our team is happy to have that conversation. There is no obligation.

Call us on 0330 002 2466 or click here to get in touch.