Microsoft warns: That ‘IT guy’ messaging you on Teams could be a hacker

April 21, 2026

By Kim Komando

You’re working. A Teams chat pops up. “Hi, this is IT. We’re seeing weird activity on your computer. Mind if I hop on real quick?” Feels normal. Feels safe. It’s Teams. Your company’s chat app.

Nope. It’s a hacker. And Microsoft just dropped a public warning confirming this scam is exploding across American workplaces.

Here’s how it works. 

Hackers set up their own Microsoft account, then abuse a built-in Teams feature called external collaboration to message you from outside your company. They pose as a help desk representative, get on a call and ask you to open Quick Assist so they can “fix” a problem. The second you hand over control, they’re in. They install software, move across your network and quietly copy sensitive files to cloud storage. All while the screen looks like routine IT activity.

The scary part? This skips every scam instinct you’ve built up. It’s not a sketchy email. It’s not a weird text. It’s the trusted corporate chat window you use 50 times a day.

🛑 Why the old rules don’t work

Your training taught you to spot bad grammar, fishy email addresses and fake login pages. None of that applies here. The hackers use real Teams, real Microsoft tools, real voices on real calls. Microsoft itself says this activity blends into normal operations because of the heavy use of legitimate applications and native administrative protocols. Their words, not mine.

One infected employee can hand over the whole company. Customer records. Payroll. Client files. Gone in minutes.

🔒 Lock it down

Do these three things before lunch:

• Never accept a remote access request from someone who messaged you first. Even if the name matches. Hang up. Call IT yourself using a number you already have.
• Look for the “External” tag. Teams flags messages from outside your company with a bright External label. See it on someone claiming to be IT? That’s not IT. Block. Report. Done.
• Set a verbal code word with your real help desk. Microsoft’s own fix. Next time “IT” calls, ask for the word. Scammers won’t have it.

What do you call the hacker who slid into your Teams chat pretending to be IT? A team player nobody drafted. Guess there’s no “I” in Teams, but there’s plenty of IT in impostor. 

📩 Send this to someone who works in an office every day.