For years, the inbox has been the center of gravity for security awareness programs. That made sense when most phishing attacks started and ended with an email.
But that’s no longer how breaches unfold.
Today’s social engineering attacks move laterally across channels, now spanning workplace tools. A calendar invite leads to a call. A call leads to an MFA prompt. A verification email arrives mid-conversation. In less than ten minutes, a routine-looking meeting can turn into an account takeover.
When simulations only test one channel, they miss how risk actually manifests.
That’s why we’re introducing Microsoft Teams Simulations — a new channel in Doppel’s Human Risk Management solution designed to help organizations measure and reduce risk across the same collaboration surfaces attackers are actively targeting.
See the feature in action.
The Rise of Collaboration-Led Attacks
Workplace communication platforms were built for speed and trust. A meeting invite from IT support to troubleshoot a tech issue. A Teams call from the payroll department about a direct deposit hiccup. A compliance review scheduled on your calendar.
These interactions feel operational. Internal. Expected.
That’s exactly why they work.
Threat actors have increasingly shifted their focus to collaboration platforms. Instead of sending a suspicious link, they send a legitimate-looking meeting invite. Instead of relying on static phishing pages, they use live voice conversations to establish authority and urgency. Instead of attacking one surface, they combine multiple — first hitting inboxes, then following up with a call offering to “help.”
Calendar-based attacks introduce an additional blind spot. Meeting invites often originate from legitimate infrastructure and can bypass traditional email authentication checks. Even when security tools flag an email, the calendar event itself may persist. The result is a security exposure that technology alone cannot fully solve.
Only internal defenses, built through specific training and realistic simulations, can close that gap.
Training in the Tools Employees Trust Most
Many voice phishing attacks rely on phone calls to personal devices. They exploit users outside their work environment, where there is no requirement to respond, and some even screen calls from unknown numbers.
Attacks that target collaboration tools happen entirely within the enterprise ecosystem. The meeting invite lands in Outlook. The notification appears on a managed device. The call takes place inside Microsoft Teams. The interaction unfolds during the workday, in a platform employees trust. These collaboration tools feel safe by default.
That context matters. It shapes how employees respond when attackers prey on professional courtesy, collaboration, and a workplace setting.
Microsoft Teams Simulations: Multi-Channel by Design
With Microsoft Teams Simulations, security teams can now design campaigns that reflect this modern attack chain directly within Doppel’s Human Risk Management solution.
Using our vibe phishing simulation capability, admins simply describe the scenario they want to test in natural language. Doppel generates the campaign — including the meeting pretext, messaging, voice agent, and live interaction flow.
From the employee’s perspective, the experience feels legitimate.
A target receives a Teams meeting invite in Outlook from what appears to be a legitimate user, maybe from IT Support, payroll, or compliance. The context is plausible. The timing feels urgent.
When they dial into the meeting, an AI voice agent joins them.
The agent introduces themselves using the predefined persona. The conversation unfolds naturally: not from a static script, but through dynamic AI dialogue. The agent then discreetly attempts to socially engineer the target into disclosing credentials, approving MFA prompts, or sharing sensitive information.
Here’s an example of a Teams email with an associated meeting invitation and a call with an agent (which, at the surface, looks just like the real thing):
Everything, from the calendar invite to the voice interaction, is tracked and measured within a single campaign. For security leaders, this means visibility into how users respond across collaboration surfaces, not just whether they click links. Microsoft Teams Simulations surface behavioral risk that would otherwise remain invisible in email-only programs.
Ready-to-Launch Scenarios That Test Every Angle
Real attackers rely on sequences, not single moments. They establish trust in one channel, then weaponize it in another. They adapt in real time if they encounter resistance. Now, your simulations can mirror that behavior.
Microsoft Teams Simulations test layered behavior. First, does the employee scrutinize the meeting invitation? Do they question the sender and the context before joining? Second, once inside the call, can they recognize live social engineering — urgency, authority, procedural language, and subtle pressure designed to override skepticism?
Microsoft Teams Simulations are available to Doppel Human Risk Management customers with 30 ready-to-use templates based on real-world social engineering scenarios, including IT credential verification, MFA resets, payroll corrections, compliance audits, vendor onboarding calls, and executive briefings.
Security teams can even extend scenarios further, sending a verification email mid-call or referencing an MFA prompt during the conversation, to replicate the multistep chains used in modern breaches. Instead of testing isolated awareness, you’re evaluating resilience across an evolving interaction.
The result is training that reflects real risk, not generic hypotheticals.
Built for How Modern Social Engineering Operates
Attackers have already evolved beyond single-channel phishing. They combine calendar invites with voice calls. They chain collaboration tools with inbox follow-ups. They build credibility before attempting exploitation.
Effective Human Risk Management has to mirror that reality.
With Microsoft Teams Simulations, organizations can test and measure resilience across multiple attack surfaces in one cohesive campaign — inside the tools employees use every day.
Because the goal isn’t to simulate yesterday’s phishing email. It’s to prepare for how attacks actually happen.
For organizations serious about understanding and reducing human risk across the full attack surface, collaboration channels can’t be an afterthought.
Microsoft Teams Simulations are available at an additional cost to Doppel Human Risk Management customers. To learn more and see the feature live, book a demo.