Ransomware attacks are evolving, and the latest scam could leave your business locked out of its own data unless you pay a steep ransom to regain access.
A notorious cybercriminal group has upped the stakes with this new tactic.
Here’s how it works:
First, an employee’s inbox is bombarded with an overwhelming amount of spam, rendering it practically unusable. Then, the scammers call the employee, pretending to be from IT support, offering to “resolve” the issue.
During the call, they might request the installation of remote desktop tools like AnyDesk or suggest using built-in software such as Windows Quick Assist. Once they gain access, they infiltrate your network, steal sensitive data, and launch ransomware on your systems.
But these criminals don’t just rely on phone calls. They’ve also started targeting employees through Microsoft Teams, creating fake accounts with usernames like “Help Desk” and using fraudulent tenant domains such as “securityadminhelper.onmicrosoft.com.” These scammers send direct messages, claiming they need access to resolve a technical issue.
The consequences of falling victim to such an attack are severe. Beyond losing access to your data, ransomware can disrupt your business operations, damage customer relationships, and potentially expose confidential information.
Recovering from an attack is not only costly—ranging from paying the ransom to repairing the damage—but can also harm your reputation and even lead to legal issues.
To protect your business, educate your team about this scam and emphasize caution when dealing with unsolicited support calls or Teams messages. Employees should always verify such requests with your official IT department before granting access or installing software.
If your business uses Microsoft Teams, ensure it’s configured securely. Only allow external chats from trusted domains, and enable chat logging for better monitoring.
Need help safeguarding your systems or strengthening your defenses? Reach out to us today.
Web & Mobile Apps