Beware that “support call” – it could be a ransomware scam • Blisstech Solutions

If you get a call claiming to be from Microsoft Teams support, hang up before doing what they ask.

There’s a new trend for scammers to pose as “help desk” staff and trick employees into giving them control of their devices.

This is part of a larger ransomware attack where you will be denied access to your business data unless you make a hefty ransom payment to get it back.

Recently, a notorious cybercrime group has taken this scam to a new level.

First, they’ll flood an employee’s inbox with so much spam that it becomes unusable. Then they swoop in with a phone call, pretending to be from IT support, offering to “fix” the problem.

They may ask your employees to install remote desktop software like AnyDesk or use built-in tools like Windows Quick Assist. Once they have access, they can move around your network, collect sensitive data, and launch ransomware on your devices.

Be warned – they don’t only reach out over the phone. They’ve also started setting up Teams accounts to make employees think they’re part of IT support.

They do this by choosing usernames like “Help Desk” and using fake Microsoft tenant domains such as “securityadminhelper.onmicrosoft .com”. Then they send one-to-one messages to employees, saying they need access to their device.

Ransomware attacks are serious business. Along with locking you out of your data, they can also shut down your operations, disrupt customer service, and potentially leak confidential information.

Recovering from a ransomware attack can be expensive, both in terms of paying the ransom and dealing with the aftermath. It can cause loss of revenue, damage your reputation, and it could even have legal consequences.

Make your team aware of this scam and encourage everyone to be cautious when taking unsolicited support calls or Teams chats. And make sure everyone knows to check with your actual IT department first, if someone is asking to install software or gain access.

Also, if you use Microsoft Teams in your business, make sure it’s set up securely. Only allow external chats from trusted domains, and make sure chat logging is enabled.

If you want extra help safeguarding your setup, we can do that. Get in touch.

← The Teams Fall 2024 update will increase your business’s productivity Security alert: Business Email Compromise attacks are surging →

Could avatars make your Teams meetings more fun?

Do you inwardly (or outwardly) groan at the thought of yet another video call? They’re now a normal part of our working lives, but it doesn’t make them any more exciting. Good news: Microsoft is introducing Metaverse-style avatars, called Mesh avatars, to Teams. You’ll be able to design your own avatar, personalizing its appearance, accessories, and even choosing its reaction …

Shady character in a mask sitting by computer screens

A new zero-day vulnerability in Windows

Introduction A new zero-day vulnerability in Windows Search has been discovered which can be exploited to automatically open a malicious search window containing remotely-hosted malware executables. The vulnerability is triggered when a user launches a Word document,...

Criminals are exploiting AI to create more convincing scams

One of the many cool things about the new wave of Artificial Intelligence tools is their ability to sound convincingly human. AI chatbots can be prompted to generate text that you’d never know was written by a robot. And they can keep producing it – quickly, and with minimal human intervention. So it’s no surprise that cyber criminals have been…

Passkeys will be better integrated in Windows

Big changes are coming to Windows 11 to make logging in safer and easier. Which is why now’s the time to get ready for a password-free future…

Tech Tip: How to Follow Sites in SharePoint

Hello, Happy New Year and welcome to today's Tuesday Two Minute Tech Tip which is about how to find the data you want to access in SharePoint and OneDrive. If you are working with files in Teams and on SharePoint sites, you might wonder why you do not see the sites...

And the award for most common phishing scam goes to…

Which phishing scam are you and your employees most at risk from? We tell you about the most common phishing emails and the easy way to stay safe.

A woman looking at her phone while working from home

Homeworking is bad for IT security

A new homeworking security report from CyberArk has surveyed 3000 remote office workers and IT professionals. It finds that increased homeworking, resulting from the 2020 pandemic, could be bad news for a company’s IT security posture. It has uncovered several...

Passkeys could change passwords forever

Back in May, we heard there would soon be a successor to the password – the Passkey. Now, we’re hearing that Apple will start rolling out Passkeys in the next few months in iOS 16. And we’re excited. Though it’s caused a bit of confusion. Apple is going to great...

How to create email signatures in Outlook title

Tech Tip: How to create email signatures in Outlook

This Tech Tip will show you how to create and manage email signatures in Outlook. One of the things I get asked about most by new users of Microsoft Office is how to create a professional email signature. Your email signature is not only a useful way to provide your...

Which ransomware payment option is best? (Hint: none)

Cyber criminals are giving you more options when it comes to paying your way out of a ransomware attack. Our advice remains the same though. Find out what that advice is here.

More Content