{"id":14001,"date":"2026-03-20T12:42:31","date_gmt":"2026-03-20T07:12:31","guid":{"rendered":"https:\/\/threatcop.com\/blog\/?p=14001"},"modified":"2026-03-20T12:42:33","modified_gmt":"2026-03-20T07:12:33","slug":"storm-2372-phishing-microsoft-teams","status":"publish","type":"post","link":"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/","title":{"rendered":"How to Differentiate Genuine Teams Invites from Storm-2372 Phishing Scams"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Phishing has progressed from your everyday emails into collaboration platforms like Microsoft Teams. Recent security research indicates that nearly 40% of phishing campaigns happen on platforms like MS Teams, updating the way phishing attacks occur today.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">What is now of particular concern is the emergence of <\/span><\/span><span style=\"box-sizing: border-box; margin: 0px; padding: 0px;\"><span style=\"color:#000000\">Storm-2372 phishing Microsoft Teams&nbsp;attacks as significant threats, leveraging<\/span><\/span><span style=\"color: #000000;\"><span style=\"font-weight: 400;\"> trusted Microsoft authentication workflows to bypass traditional security controls.<\/span><\/span><\/p><div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 ez-toc-wrap-center counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #414141;color:#414141\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #414141;color:#414141\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/#What_Is_the_Storm-2372_Phishing\" >What Is the Storm-2372 Phishing?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/#How_to_Detect_Phishing_Attacks_in_Your_Microsoft_Teams_App\" >How to Detect Phishing Attacks in Your Microsoft Teams App<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/#Real_vs_Phishing_Teams_Invites_Comparison\" >Real vs. Phishing Teams Invites: Comparison<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/#Protect_Against_Storm-2372_with_ThreatCop\" >Protect Against Storm-2372 with ThreatCop<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/#Final_Thoughts_Create_Your_Human_Firewall\" >Final Thoughts: Create Your Human Firewall<\/a><\/li><\/ul><\/nav><\/div>\n\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">According to Microsoft Threat Intelligence, Storm-2372, a threat actor, uses a form of device-code phishing to spoof legitimate contacts and redirect conversations into an MS Teams environment, making the user feel secure as collaboration continues.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">This blog looks at how to identify fake MS Teams invites and what organizations can do to stop themselves from being compromised.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What_Is_the_Storm-2372_Phishing\"><\/span><span style=\"color: #000000;\"><b>What Is the Storm-2372 Phishing?<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">The Storm-2372 phishing campaign, identified by Microsoft Threat Intelligence, has been active since August 2024.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Unlike traditional <\/span><a href=\"https:\/\/threatcop.com\/blog\/what-is-phishing-how-to-prevent-it\/\"><span style=\"font-weight: 400;\">phishing<\/span><\/a><span style=\"font-weight: 400;\"> methods, <\/span>Storm-2372 phishing via Microsoft Teams <span style=\"font-weight: 400;\">hijacks existing sessions via the device code authentication process used by MS Teams.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Typically, attackers identify and reach out to the target via other applications such as WhatsApp or LinkedIn. They build up enough trust to send the victim a fake MS Teams meeting invite, which contains a legitimate device login code. When the victim enters the device login code on Microsoft\u2019s actual sign-in page, they are unknowingly granting access to the attacker\u2019s device<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">This bypasses two-factor authentication and allows direct access to email, Teams messages, and cloud storage. Storm-2372 demonstrates how modern phishing attacks are now using identity to gain trust\u2014rather than exploiting technology.<\/span><\/p>\n\n\n\n<!DOCTYPE html>\n<html lang=\"en\">\n\n<head>\n    <meta charset=\"UTF-8\">\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n    <title>Document<\/title>\n<\/head>\n\n<style>\n    .interestedBtn {\n        width: 70% !important;\n        box-sizing: border-box !important;\n        display: inline-block !important;\n        padding: 11px !important;\n        border: 1px !important;\n        border-color: #ddd !important;\n        margin-top: 10px !important;\n        background-color: #fff !important;\n        background-image: none !important;\n        text-shadow: none !important;\n        color: #000 !important;\n        font-size: 14px !important;\n        line-height: 20px !important;\n        border-radius: 5px !important;\n        margin: 0 !important;\n        cursor: pointer !important;\n    }\n\n\n.formSec .formSecTwo{\n    padding-top: 30px !important;\n}\n\n\n    .tnp-email {\n         width: 70% !important;\n    box-sizing: border-box;\n    padding: 8px 10px;\n    display: inline-block;\n    border: 1px solid #ddd;\n     background: #183e8b;\n    color: #fff !important;\n    font-size: 13px;\n    line-height: 20px;\n    border-radius: 2px;\n    padding-right: 30px;\n    margin-bottom: 0px;\n\n    }\n\n    .formSec {\n        float: left !important;\n        width: 55% !important;\n    }\n\n    .mainBox {\n            background: #183e8b;\n        max-width: 600px !important;\n        margin: 0 auto !important;\n        padding: 20px !important;\n        font-family: Arial, Helvetica, sans-serif !important;\n    }\n\n    .boxDiv {\n        display: flex !important;\n    }\n\n    .boxConsult {\n        float: left !important;\n        width: 45% !important;\n    }\n\n    .formSecTwo {\n        text-align: right !important;\n        width: 100% !important;\n    }\n\n    .formHeading {\n        font-family: Arial, Helvetica, sans-serif;\n        margin-top: 0px;\n        font-weight: 700;\n        line-height: 25px;\n        font-size: 18px !important;\n        margin-bottom: 70px;\n       margin-bottom: 70px !important;\n       color: white !important;\n          margin-top: 0px !important;\n    }\n\n    .fieldHeading {\n        margin: 0 !important;\n        font-size: 13px !important;\n        text-align: left !important;\n        margin: 0px 39px 2px 93px !important;\n        font-weight: 500 !important;\n    }\n\n    .image {\n        max-width: 100% !important;\n        height: auto !important;\n    }\n\n     .email-icon {\n            position: absolute;\n            right: 10px;\n            top:18px;\n            transform: translateY(-50%);\n            pointer-events: none; \/* Make sure the icon doesn't block clicking on the input *\/\n        }\n\n          .email-container{\n             position: relative;\n         \n        }\n       \n\n        .email-icon img{\n                 width: 15px;\n        }\n\n\n         input::placeholder {\n            color:white;\n        }\n\n    @media screen and (max-width: 480px) {\n        .boxDiv {\n            display: block !important;\n            padding: 15px !important;\n         \n        }\n\n        .image{\n            width: 60% !important;\n        }\n        .fieldHeading {\n            text-align: left !important;\n            margin: unset !important;\n        }\n\n        .boxConsult {\n            width: unset !important;\n            float: none !important;\n        }\n\n        .mainBox {\n            border: unset !important;\n        }\n\n        .formSec {\n            float: unset !important;\n            width: 100% !important;\n        }\n\n        .formSecTwo {\n            text-align: center !important;\n        }\n\n        .tnp-email {\n            width: 100% !important;\n        }\n\n        .formHeading {\n            margin-bottom: unset !important;\n        }\n\n         .email-icon {\n            position: absolute;\n            right: 10px;\n            top: 50%;\n            transform: translateY(-50%);\n            pointer-events: none; \/* Make sure the icon doesn't block clicking on the input *\/\n        }\n       \n        .email-container{\n             position: relative;\n        }\n\n    }\n<\/style>\n\n<body>\n\n    <div class=\"mainBox\" box-sizing:=\"\" border-box;=\"\">\n\n        <div class=\"boxDiv\">\n\n            <div class=\"boxConsult\">\n                <div>\n                    <h3 class=\"formHeading\" style=\"margin-top: 0;\">\n                        Book a Free Demo Call with Our People Security Expert<\/h3>\n                <\/div>\n                <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/vector.svg\" class=\"image\">\n            <\/div>\n\n            <div class=\"formSec\">\n                <div class=\" formSecTwo\">\n                    <div class=\"tnp tnp-subscription-minimal\">\n                        <form action=\"https:\/\/threatcop.com\/thankyou-blog\" method=\"get\" target=\"_blank\">\n                            <div class=\"email-container\" style=\"margin-bottom: 15px;\">\n\n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"FullName\" value=\"\"\n                                    placeholder=\"Full Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/icon1.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom: 15px;\">\n                               \n                                <input class=\"tnp-email\" type=\"email\" required=\"\" name=\"email\" value=\"\"\n                                    placeholder=\"Corporate Email Id\">\n                                     <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/icon2.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom: 15px;\">\n                               \n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"CompanyName\" value=\"\"\n                                    placeholder=\"Company Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/icon3.svg\" class=\"img-fluid\" \/><\/span>\n\n                            <\/div>\n\n                            <div class=\"email-container\">\n                               \n                                <input class=\"tnp-email\" type=\"number\" required=\"\" name=\"Phone\" value=\"\"\n                                    placeholder=\"Phone No.\"><br>\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/icon4.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n                            <input type=\"hidden\" name=\"BlogForm\" value=\"BlogForm\"><br>\n                            <input class=\"tnp-submit interestedBtn\" name=\"submit\" type=\"submit\"\n                                value=\"SUBMIT\">\n\n                        <\/form>\n                    <\/div>\n                <\/div>\n            <\/div>\n\n        <\/div>\n    <\/div>\n\n<\/body>\n\n<\/html>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_to_Detect_Phishing_Attacks_in_Your_Microsoft_Teams_App\"><\/span><span style=\"color: #000000;\"><b>How to Detect Phishing Attacks in Your Microsoft Teams App<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">To detect Storm-2372 attacks, you need to look for both technical evidence and signs of unusual behavior. Storm-2372 campaigns appear very normal and professional to the user.<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\">Fake Microsoft Emails Used as Part of Phishing Schemes<\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Storm-2372 campaigns use Microsoft\u2019s Device Code Flow as one of the most common abuse techniques. This was designed for devices without a keyboard and provides a method of signing in with a device verification code. Attackers are now exploiting this same process as a way to capture authenticated sessions.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Here are the warning signs to look for:<\/span><\/p>\n\n\n\n<h4 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><strong>Suspicious Redirect Chains:<\/strong><\/span><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">A legitimate Teams invite will be sent to the existing Teams application or to <\/span><b>teams.microsoft.com<\/b><span style=\"font-weight: 400;\">. Most times, a malicious invite will go through multiple redirected domains and typically use compromised <\/span><b>*.azurewebsites.net pages<\/b><span style=\"font-weight: 400;\">.<\/span><\/span><\/p>\n\n\n\n<h4 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><strong>Unusual Requests for Device Login:<\/strong><\/span><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">You will never have to enter a device code when joining a Teams meeting on your computer or mobile device. If you receive an invite to a Teams meeting requesting you to visit<\/span><\/span><a href=\"https:\/\/microsoft.com\"> www.microsoft.com<\/a><span style=\"color: #000000;\"><span style=\"font-weight: 400;\"> and enter an alphanumeric device code, you should stop and think. This mirrors techniques used in traditional attachment-based phishing schemes, creating a similar experience in a cloud environment.<\/span><\/span><\/p>\n\n\n\n<h4 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><strong>Display Name Tampering:<\/strong><\/span><\/h4>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">A common tactic used by attackers is to leverage compromised external accounts while posing as members of internal teams. Be on the lookout for the &#8220;(External)&#8221; label in Teams\u2014be sure to verify any internal alerts containing that designation prior to taking action.<\/span><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><strong>Fake Mail Red Flags<\/strong><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Operators of Storm-2372 utilize subtle means of deception to bypass either security filters or human attention when sending emails using the techniques listed below:<\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"font-weight: 400; color: #000000;\">Swapping unicode characters, e.g., replacing the letter &#8220;o&#8221; in &#8220;Microsoft&#8221; with a Cyrillic character<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Using hijacked email identities with display names that appear professional<\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">Creating urgency-driven language (e.g., &#8220;Your Subscription Auto-Pay Was Declined&#8221; or &#8220;Mandatory Meeting with CEO&#8221;)<\/span><\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Real_vs_Phishing_Teams_Invites_Comparison\"><\/span><span style=\"color: #000000;\"><strong>Real vs. Phishing Teams Invites: Comparison<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Once teams invites arrive, employees usually do not have time for investigatory action. Visual clues can significantly help teams make decisions quickly and safely.<\/span><\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><tbody><tr><td>\n<p><span style=\"color: #000000;\"><b>Feature<\/b><\/span><\/p>\n<\/td><td>\n<p><span style=\"color: #000000;\"><b>Genuine Teams Invite<\/b><\/span><\/p>\n<\/td><td>\n<p><span style=\"color: #000000;\"><b>Storm-2372 Phishing Scam<\/b><\/span><\/p>\n<\/td><\/tr><tr><td>\n<p><span style=\"font-weight: 400; color: #000000;\">Sender Domain<\/span><\/p>\n<\/td><td>\n<p><span style=\"font-weight: 400; color: #000000;\">Verified @microsoft.com or a trustworthy partner<\/span><\/p>\n<\/td><td>\n<p><span style=\"font-weight: 400; color: #000000;\">Hacked\/mismatched domain (i.e., @gmx.com)<\/span><\/p>\n<\/td><\/tr><tr><td>\n<p><span style=\"font-weight: 400; color: #000000;\">Authentication Flow<\/span><\/p>\n<\/td><td>\n<p><span style=\"font-weight: 400; color: #000000;\">Standard SSO\/MFA login<\/span><\/p>\n<\/td><td>\n<p><span style=\"font-weight: 400; color: #000000;\">Requests unexpected device code authentication<\/span><\/p>\n<\/td><\/tr><tr><td>\n<p><span style=\"font-weight: 400; color: #000000;\">Link Destination<\/span><\/p>\n<\/td><td>\n<p><span style=\"font-weight: 400; color: #000000;\">Opens directly at teams.microsoft.com<\/span><\/p>\n<\/td><td>\n<p><span style=\"font-weight: 400; color: #000000;\">Redirects via shortened or unknown links<\/span><\/p>\n<\/td><\/tr><tr><td>\n<p><span style=\"font-weight: 400; color: #000000;\">Message Tone<\/span><\/p>\n<\/td><td>\n<p><span style=\"font-weight: 400; color: #000000;\">Neutral and professional<\/span><\/p>\n<\/td><td>\n<p><span style=\"font-weight: 400; color: #000000;\">Urgent, alarming, or pressuring language&nbsp;<\/span><\/p>\n<\/td><\/tr><tr><td>\n<p><span style=\"font-weight: 400; color: #000000;\">External Label<\/span><\/p>\n<\/td><td>\n<p><span style=\"font-weight: 400; color: #000000;\">Clearly identified as a legitimate enterprise guest account<\/span><\/p>\n<\/td><td>\n<p><span style=\"font-weight: 400; color: #000000;\">Hidden by emojis or Unicode trickery<\/span><\/p>\n<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Protect_Against_Storm-2372_with_ThreatCop\"><\/span><span style=\"color: #000000;\"><strong>Protect Against Storm-2372 with ThreatCop<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Most phishing scams are successful only because they appear nearly legitimate. Therefore, it is important that employees are trained to identify minor variations and differences.&nbsp;<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\">Train Employees Using Realistic Simulations<\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">ThreatCop provides employees the opportunity to learn and recognize phishing attacks using real phishing scenarios as examples. ThreatCop\u2019s <\/span><a href=\"https:\/\/threatcop.com\/threatcop-security-awareness-training?utm_source=chatgpt.com\">TSAT<\/a><span style=\"font-weight: 400;\"> provides training so employees recognize phishing attempts disguised as genuine Microsoft Teams invites and device code requests before interacting with a phishing scammer.<\/span><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><strong>Instantaneously Detect Phishing Attacks<\/strong><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">ThreatCop\u2019s <\/span><a href=\"https:\/\/threatcop.com\/threatcop-phishing-incident-response\"><span style=\"font-weight: 400;\">TPIR<\/span><\/a><span style=\"font-weight: 400;\"> platform integrates with Microsoft 365. When a user reports a suspicious phishing attack within a Microsoft Teams message, the ThreatCop platform instantaneously processes all links and sender information and performs algorithmic analysis of message behavior.<\/span><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><strong>Prevent Attacks From Spreading<\/strong><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">When a threat is verified, ThreatCop quickly isolates the malicious message across your entire organization\u2014preventing an accidental click from turning into a widespread data breach.<\/span><\/p>\n\n\n\n\n<style>\n  .threatcop-banner {\n    background-color: #02022e;\n    border: 2px solid #00bf63;\n    border-radius: 12px;\n    padding: 12px 24px;\n    display: flex;\n    justify-content: space-between;\n    align-items: center;\n    max-width: 1100px;\n    margin: 20px auto;\n    color: #ffffff;\n    font-family: Arial, sans-serif;\n  }\n\n  .threatcop-banner-text {\n    font-size: 18px;\n    font-weight: 500;\n  }\n\n  .threatcop-banner-button {\n    background-color: #00bf63;\n    color: #ffffff;\n    padding: 8px 20px;\n    border-radius: 8px;\n    text-decoration: none;\n    font-weight: 500;\n    white-space: nowrap;\n    transition: 0.2s ease;\n    font-size: 15px;\n  }\n\n  .threatcop-banner-button:hover {\n    opacity: 0.9;\n  }\n\n  @media (max-width: 768px) {\n    .threatcop-banner {\n      flex-direction: column;\n      text-align: center;\n      gap: 10px;\n    }\n  }\n<\/style>\n\n<div class=\"threatcop-banner\">\n  <div class=\"threatcop-banner-text\">\n    Discuss Your Organization\u2019s Human Risk Challenges\n  <\/div>\n  <a href=\"https:\/\/threatcop.com\/contact-us?utm_source=thrm_summerized_blog\" class=\"threatcop-banner-button\">\n    Book a Meeting\n  <\/a>\n<\/div>\n\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Final_Thoughts_Create_Your_Human_Firewall\"><\/span><span style=\"color: #000000;\"><b>Final Thoughts: Create Your Human Firewall<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Knowing <\/span>how to spot a phishing email<span style=\"font-weight: 400;\"> is no longer just an IT responsibility. It is now a crucial part of business continuity and security. The recent <\/span>Storm-2372 phishing of Microsoft Teams <span style=\"font-weight: 400;\">shows how hackers can now use legitimate work patterns and apply trust to perform their scams instead of relying on highly sophisticated technical exploits.<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">The best defense is having many individuals educated on preventing attacks, combined with intelligent automation. When companies deliver realistic cybersecurity education to employees paired with AI technology, staff can collaborate easily without becoming easy targets.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">The ultimate goal is not only to prevent one phishing scam but also to create a working community in which every employee can identify warning signs early and take action to avert a digital attack before it happens.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Phishing has progressed from your everyday emails into collaboration platforms like Microsoft Teams. Recent security research indicates that nearly 40% of phishing campaigns happen on platforms like MS Teams, updating the way phishing attacks occur today. What is now of particular concern is the emergence of Storm-2372 phishing Microsoft Teams&nbsp;attacks as significant threats, leveraging trusted [&hellip;]<\/p>\n","protected":false},"author":14,"featured_media":14003,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[329],"tags":[],"class_list":["post-14001","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-human-risk-management"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>How to Prevent Storm-2372 Phishing Scams in Microsoft Teams<\/title>\n<meta name=\"description\" content=\"Learn to identify and prevent Storm-2372 phishing in Microsoft Teams. Spot fake invites, suspicious logins, and deceptive emails to protect your organization.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Prevent Storm-2372 Phishing Scams in Microsoft Teams\" \/>\n<meta property=\"og:description\" content=\"Learn to identify and prevent Storm-2372 phishing in Microsoft Teams. Spot fake invites, suspicious logins, and deceptive emails to protect your organization.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/\" \/>\n<meta property=\"og:site_name\" content=\"Threatcop\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/\" \/>\n<meta property=\"article:published_time\" content=\"2026-03-20T07:12:31+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-20T07:12:33+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/03\/How-to-Differentiate-Genuine-Teams-Invites-from-Storm-2372-Phishing-Scams.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1080\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Milind Udbhav\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatcop\" \/>\n<meta name=\"twitter:site\" content=\"@threatcop\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Milind Udbhav\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/storm-2372-phishing-microsoft-teams\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/storm-2372-phishing-microsoft-teams\\\/\"},\"author\":{\"name\":\"Milind Udbhav\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/0916e68ec2b646f2a92d2cfd4d3f6812\"},\"headline\":\"How to Differentiate Genuine Teams Invites from Storm-2372 Phishing Scams\",\"datePublished\":\"2026-03-20T07:12:31+00:00\",\"dateModified\":\"2026-03-20T07:12:33+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/storm-2372-phishing-microsoft-teams\\\/\"},\"wordCount\":1003,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/storm-2372-phishing-microsoft-teams\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/How-to-Differentiate-Genuine-Teams-Invites-from-Storm-2372-Phishing-Scams.jpg\",\"articleSection\":[\"Human Risk Management\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/storm-2372-phishing-microsoft-teams\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/storm-2372-phishing-microsoft-teams\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/storm-2372-phishing-microsoft-teams\\\/\",\"name\":\"How to Prevent Storm-2372 Phishing Scams in Microsoft Teams\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/storm-2372-phishing-microsoft-teams\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/storm-2372-phishing-microsoft-teams\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/How-to-Differentiate-Genuine-Teams-Invites-from-Storm-2372-Phishing-Scams.jpg\",\"datePublished\":\"2026-03-20T07:12:31+00:00\",\"dateModified\":\"2026-03-20T07:12:33+00:00\",\"description\":\"Learn to identify and prevent Storm-2372 phishing in Microsoft Teams. Spot fake invites, suspicious logins, and deceptive emails to protect your organization.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/storm-2372-phishing-microsoft-teams\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/storm-2372-phishing-microsoft-teams\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/storm-2372-phishing-microsoft-teams\\\/#primaryimage\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/How-to-Differentiate-Genuine-Teams-Invites-from-Storm-2372-Phishing-Scams.jpg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/How-to-Differentiate-Genuine-Teams-Invites-from-Storm-2372-Phishing-Scams.jpg\",\"width\":1920,\"height\":1080,\"caption\":\"Storm-2372 Phishing Scams\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/storm-2372-phishing-microsoft-teams\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Differentiate Genuine Teams Invites from Storm-2372 Phishing Scams\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"name\":\"Threatcop\",\"description\":\"Cybersecurity Blogs, News, Updates, and Articles\",\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\",\"name\":\"Threatcop\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"width\":432,\"height\":102,\"caption\":\"Threatcop\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/people\\\/Threatcop\\\/100083109892339\\\/\",\"https:\\\/\\\/x.com\\\/threatcop\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/threatcop\\\/\",\"https:\\\/\\\/www.instagram.com\\\/threatcop_official\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/0916e68ec2b646f2a92d2cfd4d3f6812\",\"name\":\"Milind Udbhav\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/11\\\/avatar_user_14_1731396320.jpg\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/11\\\/avatar_user_14_1731396320.jpg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/11\\\/avatar_user_14_1731396320.jpg\",\"caption\":\"Milind Udbhav\"},\"description\":\"Technical Content Writer at Threatcop Milind Udbhav is a cybersecurity researcher and technology enthusiast. As a Technical Content Writer at Threatcop, he uses his research experience to create informative content which helps audience to understand core concepts easily.\",\"sameAs\":[\"https:\\\/\\\/threatcop.com\\\/\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Prevent Storm-2372 Phishing Scams in Microsoft Teams","description":"Learn to identify and prevent Storm-2372 phishing in Microsoft Teams. Spot fake invites, suspicious logins, and deceptive emails to protect your organization.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/","og_locale":"en_US","og_type":"article","og_title":"How to Prevent Storm-2372 Phishing Scams in Microsoft Teams","og_description":"Learn to identify and prevent Storm-2372 phishing in Microsoft Teams. Spot fake invites, suspicious logins, and deceptive emails to protect your organization.","og_url":"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/","og_site_name":"Threatcop","article_publisher":"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","article_published_time":"2026-03-20T07:12:31+00:00","article_modified_time":"2026-03-20T07:12:33+00:00","og_image":[{"width":1920,"height":1080,"url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/03\/How-to-Differentiate-Genuine-Teams-Invites-from-Storm-2372-Phishing-Scams.jpg","type":"image\/jpeg"}],"author":"Milind Udbhav","twitter_card":"summary_large_image","twitter_creator":"@threatcop","twitter_site":"@threatcop","twitter_misc":{"Written by":"Milind Udbhav","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/#article","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/"},"author":{"name":"Milind Udbhav","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/0916e68ec2b646f2a92d2cfd4d3f6812"},"headline":"How to Differentiate Genuine Teams Invites from Storm-2372 Phishing Scams","datePublished":"2026-03-20T07:12:31+00:00","dateModified":"2026-03-20T07:12:33+00:00","mainEntityOfPage":{"@id":"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/"},"wordCount":1003,"commentCount":0,"publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"image":{"@id":"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/03\/How-to-Differentiate-Genuine-Teams-Invites-from-Storm-2372-Phishing-Scams.jpg","articleSection":["Human Risk Management"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/","url":"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/","name":"How to Prevent Storm-2372 Phishing Scams in Microsoft Teams","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/#primaryimage"},"image":{"@id":"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/03\/How-to-Differentiate-Genuine-Teams-Invites-from-Storm-2372-Phishing-Scams.jpg","datePublished":"2026-03-20T07:12:31+00:00","dateModified":"2026-03-20T07:12:33+00:00","description":"Learn to identify and prevent Storm-2372 phishing in Microsoft Teams. Spot fake invites, suspicious logins, and deceptive emails to protect your organization.","breadcrumb":{"@id":"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/#primaryimage","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/03\/How-to-Differentiate-Genuine-Teams-Invites-from-Storm-2372-Phishing-Scams.jpg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/03\/How-to-Differentiate-Genuine-Teams-Invites-from-Storm-2372-Phishing-Scams.jpg","width":1920,"height":1080,"caption":"Storm-2372 Phishing Scams"},{"@type":"BreadcrumbList","@id":"https:\/\/threatcop.com\/blog\/storm-2372-phishing-microsoft-teams\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/threatcop.com\/blog\/"},{"@type":"ListItem","position":2,"name":"How to Differentiate Genuine Teams Invites from Storm-2372 Phishing Scams"}]},{"@type":"WebSite","@id":"https:\/\/threatcop.com\/blog\/#website","url":"https:\/\/threatcop.com\/blog\/","name":"Threatcop","description":"Cybersecurity Blogs, News, Updates, and Articles","publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/threatcop.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/threatcop.com\/blog\/#organization","name":"Threatcop","url":"https:\/\/threatcop.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","width":432,"height":102,"caption":"Threatcop"},"image":{"@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","https:\/\/x.com\/threatcop","https:\/\/www.linkedin.com\/company\/threatcop\/","https:\/\/www.instagram.com\/threatcop_official\/"]},{"@type":"Person","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/0916e68ec2b646f2a92d2cfd4d3f6812","name":"Milind Udbhav","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/11\/avatar_user_14_1731396320.jpg","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/11\/avatar_user_14_1731396320.jpg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/11\/avatar_user_14_1731396320.jpg","caption":"Milind Udbhav"},"description":"Technical Content Writer at Threatcop Milind Udbhav is a cybersecurity researcher and technology enthusiast. As a Technical Content Writer at Threatcop, he uses his research experience to create informative content which helps audience to understand core concepts easily.","sameAs":["https:\/\/threatcop.com\/"]}]}},"_links":{"self":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/14001","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/comments?post=14001"}],"version-history":[{"count":2,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/14001\/revisions"}],"predecessor-version":[{"id":14004,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/14001\/revisions\/14004"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media\/14003"}],"wp:attachment":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media?parent=14001"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/categories?post=14001"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/tags?post=14001"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}