This time we look mostly at the accounts used for phishing. tl;dr When phishing via Teams, an attacker controls the source AAD. Therefore, he can set every username he wants. This opens some possibilities. E-Mail as username Suffix the Username to ...