Organisations should exercise caution when receiving calls claiming to be from Microsoft Teams support. Scammers are increasingly posing as “help desk” personnel in an attempt to deceive employees into granting them access to their devices.
This tactic is part of a larger ransomware scheme where access to business data is blocked until a substantial payment is made to regain it.
A notorious cyber criminal group has escalated this scam, implementing a new strategy. Initially, they flood an employee’s inbox with so much spam that it becomes unusable. Subsequently, they contact the employee via phone, impersonating IT support and offering to resolve the issue.
They may request the employee to install remote desktop software, such as AnyDesk, or use built-in tools like Windows Quick Assist. Once granted access, the scammers can move throughout the network, exfiltrate sensitive data, and deploy ransomware to lock business systems.
Be aware, the scammers are not limited to phone calls. They have begun setting up fraudulent Microsoft Teams accounts to further deceive employees into believing they are legitimate IT support. By selecting usernames like “Help Desk” and using fabricated Microsoft tenant domains (e.g., “securityadminhelper.onmicrosoft.com”), they message employees directly, requesting access to their devices.
What are the risks?
Ransomware attacks pose significant risks, not only locking businesses out of their data but also disrupting operations, potentially leaking confidential information and damaging customer relationships. The financial toll of recovery can be substantial, both in terms of ransom payments and the costs associated with remediation. Reputation damage and possible legal implications can also arise.
Advice to keep your business safe
We strongly advise that all employees remain vigilant of unsolicited support calls or Teams messages. It is essential that any requests for software installation or remote access be verified with the internal IT department, or your external IT partner, before action is taken.
For businesses using Microsoft Teams, it is crucial to configure the platform securely. Limit external communications to trusted domains and ensure chat logging is enabled to enhance security.
Seeking Professional Guidance
Should you require assistance in further securing your network or Microsoft Teams setup, please do not hesitate to contact us.
Posted in: News. Tagged:
Can we help?
Contact usIf you have enjoyed reading this article and want to know more about Bluecube, please get in touch. Our friendly team will be happy to answer any queries.
