Adversaries are utilizing Microsoft Teams as a delivery channel for malware. This attack leverages deceptive Microsoft Teams chat messages sent from compromised Office 365 accounts to encourage victims to download malicious files, effectively bypassing existing security measures.
Restrict Microsoft Teams chat requests to specific external domains. Navigate to https://admin.teams.microsoft.com/dashboard
Click on Users > External Access and change settings accordingly
Note. This will affect any existing external access granted so be sure to review the changes with your users to negate business impact