Beware that “support call” – it could be a ransomware scam

If you get a call claiming to be from Microsoft Teams support, think twice before doing what they ask.

There’s a new trend for scammers to pose as “help desk” staff, with the aim of tricking employees into letting them take over their devices.

This is part of a larger ransomware attack, where you’ll be denied access to your business data unless you make a hefty payment to get it back.

Recently, a notorious cyber crime group has taken this scam to a new level.

First, they’ll flood an employee’s inbox with so much spam that it becomes unusable. Then they swoop in with a phone call, pretending to be from IT support, offering to “fix” the problem.

They may ask your employee to install remote desktop software like AnyDesk or use built-in tools like Windows Quick Assist. Once they have access, they can move around your network, collect sensitive data, and launch ransomware on your devices.

Be warned – they don’t only reach out over the phone. They’ve also started setting up Teams accounts to make employees think they’re part of IT support.

They do this by choosing usernames like “Help Desk” and using fake Microsoft tenant domains such as “securityadminhelper.onmicrosoft .com”. Then they send one-to-one messages to employees, saying they need access to their device.

Ransomware attacks are serious business. Along with locking you out of your data, they can also shut down your operations, disrupt customer service, and potentially leak confidential information.

Recovering from a ransomware attack can be expensive, both in terms of paying the ransom and dealing with the aftermath. It can cause loss of revenue, damage your reputation, and it could even have legal consequences.

Make your team aware of this scam and encourage everyone to be cautious with any unsolicited support calls or Teams chats. And make sure everyone knows to check with your actual IT department first, if someone is asking to install software or gain access.

Also, if you use Microsoft Teams in your business, make sure it’s set up securely. Only allow external chats from trusted domains, and make sure chat logging is enabled.

If you want extra help safeguarding your setup, we can do that. Get in touch.

Past Blogs

Copilot connects Microsoft and Google

Microsoft Copilot Now Connects Gmail and Outlook—What This Means for Your Business

If you’ve ever found yourself switching between Gmail, Outlook, and countless browser tabs just to track down an email or check your diary, you’re not alone. For many...
New Ransomware Warning

New Ransomware Alert: What UK Businesses Should Do

Don't Waste Time Searching Through Settings

Windows 11’s New AI Agent: A Smarter Way to Tackle Settings

More accessibility Features in Windows 11

Windows 11’s New Accessibility Tool: What It Means for Your Business

Outlook flags your important email

Outlook will flag your most important emails

Can your staff access too much?

Half of staff have too much access to data

Windows 10 hit ends of life in just over 2 weeks

Free Support for Windows 10 Ends in Just Two Weeks – Here’s What Your Business Needs to Know

Free Support for Windows 10 Ends in Just Two Weeks – Here’s What Your Business Needs to Know What would it take to bring your business to a halt?It’s not always a major...
Better passkey integration in windows

Passkeys will be better integrated in Windows

New hire? New security risk

New member of staff… new cyber security risk?

   When you bring someone new into the business, your first thought is usually about getting them set up to succeed. A laptop, email account, access to the right...
Microsoft to Introduce a Unified Naming System for Hackers

Microsoft to Introduce a Unified Naming System for Hackers

Have you ever tried to follow a crime documentary where the main suspect keeps changing names? It’s confusing—and that’s exactly what’s been happening in the world of...