Ransomware Scam
If you get a call claiming to be from Microsoft Teams support, think twice before doing what they ask.
There’s a new trend of scammers posing as “help desk” staff to trick employees into letting them take over their devices.
This is part of a larger ransomware attack. You’ll be denied access to your business data unless you pay a hefty fee to retrieve it.
A notorious cybercrime group has recently taken this scam to a new level.
First, they’ll flood an employee’s inbox with so much spam that it becomes unusable. Then they swoop in with a phone call, pretending to be from IT support, offering to “fix” the problem.
They may ask your employees to install remote desktop software like AnyDesk or use built-in tools like Windows Quick Assist. Once they have access, they can move around your network, collect sensitive data, and launch ransomware on your devices.
Be warned—they don’t only contact you over the phone. They’ve also started setting up Teams accounts to make employees think they’re part of IT support.
They do this by choosing uyber crime group has recently taken this scam to a new level with Sernames like “Help Desk” and using fake Microsoft tenant domains such as “securityadminhelper.onmicrosoft .com”. Then, they send one-to-one messages to employees, saying they need access to their devices.
Ransomware attacks are serious business. In addition to locking you out of your data, they can shut down your operations, disrupt customer service, and potentially leak confidential information.
Recovering from a ransomware attack can be expensive in terms of paying the ransom and dealing with the aftermath.
It can also result in revenue loss, damage to reputation, and even legal consequences.
Make your team aware of this scam and encourage everyone to be cautious about unsolicited support calls or Teams chats. Also, ensure everyone knows to check with your IT department first if someone asks to install software or gain access.
Also, if your business uses Microsoft Teams, ensure it’s set up securely. Only allow external chats from trusted domains and enable chat logging.