Beware that "support call" – it could be a ransomware scam

If you receive a call claiming to be from Microsoft Teams support, think carefully before following their instructions.

Scammers are increasingly pretending to be “help desk” personnel, aiming to deceive employees into allowing them control over their devices.

This is part of a broader ransomware scheme, where access to your business data is blocked unless a substantial payment is made for its return.

Recently, a well-known cybercrime group has escalated this scam.

Initially, they inundate an employee’s inbox with spam, rendering it unusable. Then, they call, pretending to be IT support, offering to “resolve” the issue.

They might instruct your employee to install remote desktop software like AnyDesk or utilize built-in tools like Windows Quick Assist. Once they gain access, they can navigate your network, gather sensitive information, and deploy ransomware on your devices.

Be cautious – they don’t just contact via phone. They’ve also begun creating Teams accounts to convince employees they’re part of IT support.

They achieve this by selecting usernames like “Help Desk” and using fake Microsoft tenant domains such as “securityadminhelper.onmicrosoft.com”. Then, they send direct messages to employees, claiming they need device access.

Ransomware attacks are serious. Besides locking you out of your data, they can halt operations, disrupt customer service, and potentially leak confidential information.

Recovering from a ransomware attack can be costly, both in paying the ransom and managing the aftermath. It can lead to revenue loss, damage your reputation, and possibly have legal repercussions.

Inform your team about this scam and urge caution with unsolicited support calls or Teams messages. Ensure everyone verifies with your actual IT department first if someone requests software installation or access.

Additionally, if your business uses Microsoft Teams, ensure it’s securely configured. Only permit external chats from trusted domains, and enable chat logging.

If you need additional assistance securing your setup, we can help. Contact us.