Beware of "Support Calls"

They Could Be Ransomware Scams

Picture this: You’re having a busy day at work when the phone rings. On the other end of the line is someone claiming to be from Microsoft Teams support. They sound professional, helpful even. But before you follow their instructions, ask yourself: could this be a scam?

The latest trend in cybercrime involves scammers posing as “help desk” staff to trick employees into granting access to their devices. It’s part of a larger ransomware strategy designed to lock businesses out of their own data until they cough up a hefty ransom. These attacks are devastating and growing in sophistication.

The New Face of Ransomware

Recently, a notorious cybercrime group took this scam to a whole new level. Here’s how their operation works:

1. Flood the Inbox: First, they overwhelm an employee’s inbox with spam, making it virtually unusable.
2. The Hero Act: Then, they swoop in with a phone call, posing as IT support ready to "fix" the problem.
3. Gaining Access: They’ll ask the employee to install remote desktop software like AnyDesk or use built-in tools such as Windows Quick Assist.
4. Network Infiltration: Once inside, they navigate the network, collect sensitive data, and deploy ransomware.

But it doesn’t stop there. These scammers are also leveraging Microsoft Teams to gain trust. They’ll create fake Teams accounts with usernames like “Help Desk” and domains such as “securityadminhelper.onmicrosoft.com.” Then, they send one-on-one messages to employees, claiming they need access to their devices to resolve an issue.

Why Ransomware Is a Business Nightmare

Ransomware attacks are more than just an inconvenience; they’re a direct threat to your operations, reputation, and bottom line. Here’s what’s at stake:

• Operational Disruption: Losing access to your data can bring your business to a standstill.
• Customer Impact: Service disruptions can damage your relationships and trust with customers.
• Financial Loss: Beyond paying the ransom, there’s the cost of recovery, lost revenue, and potential legal consequences.
• Reputational Damage: A ransomware attack can tarnish your brand’s image for years to come.

How to Protect Your Business

Education and vigilance are your first lines of defense. Share this information with your team and encourage a healthy skepticism toward unsolicited calls or messages. Here are a few specific steps to safeguard your business:

1. Verify Before Trusting: Teach employees to verify any requests for software installation or access with your IT department first.
2. Secure Microsoft Teams: If your business uses Teams, make sure it’s configured securely. Restrict external chats to trusted domains and enable chat logging.
3. Leverage Professional Help: Cybersecurity is complex, and it’s okay to ask for help. Experts can audit your setup and strengthen your defenses against these evolving threats.

Don’t Wait Until It’s Too Late

Ransomware is serious business, but it doesn’t have to become your business’s problem. By staying informed and proactive, you can protect your operations, your customers, and your reputation. If you’re unsure whether your systems are as secure as they could be, we’re here to help. Get in touch today to discuss your cybersecurity strategy and ensure your business is prepared for whatever comes next.