Beware of Fake "Support Calls" – They Could Be Ransomware Scams

Written By Phil Darnell

If you or your team receive a call claiming to be from Microsoft Teams support, be cautious. Scammers are increasingly posing as IT “help desk” staff in a new wave of ransomware scams.

How This Scam Works

The goal of these fraudsters is simple: trick employees into granting access to their devices. Once inside, they deploy ransomware, locking your business data until a hefty payment is made to recover it.

Here’s how this scam unfolds:

  1. Flooding Inboxes with Spam
    Scammers bombard an employee’s email inbox with so much spam that it becomes virtually unusable.

  2. The “Helpful” Phone Call
    They then call the employee, pretending to be from IT support, offering to resolve the issue.

  3. Gaining Remote Access
    The scammers ask the employee to install remote desktop software like AnyDesk or use built-in tools like Windows Quick Assist, granting them control of the device.

Once they gain access, they:

  • Move around your network

  • Steal sensitive data

  • Deploy ransomware to cripple your operations

A New Twist – Fake Teams Accounts

These scammers are also exploiting Microsoft Teams to appear more credible. They set up fake Teams accounts with usernames like “Help Desk” and use bogus Microsoft tenant domains, such as securityadminhelper.onmicrosoft.com, to send direct messages to employees.

They claim they need device access to fix an issue, but their intent is to infiltrate your network.

Why Ransomware is a Serious Threat

Ransomware attacks are not just a nuisance – they can bring your business to its knees. These attacks can:

  • Deny access to critical data and systems

  • Disrupt customer service and operations

  • Expose confidential information

The aftermath is costly, whether you pay the ransom or deal with recovery. It can lead to:

  • Financial losses

  • Reputation damage

  • Potential legal ramifications

How to Protect Your Business

  1. Educate Your Team
    Ensure your employees recognize the signs of this scam. Encourage them to be skeptical of unsolicited calls or Teams messages and always confirm requests with your IT department.

  2. Secure Microsoft Teams

    • Allow external chats only from trusted domains

    • Enable chat logging for oversight and transparency

  3. Verify Before Granting Access
    Train employees to double-check any request to install software or grant remote access, even if it seems legitimate.

Need Help Safeguarding Your Setup?

Scammers are becoming more sophisticated, but you can stay ahead of them with the right protections in place. If you’d like expert assistance securing your Microsoft Teams and IT environment, get in touch with us today. We’ll help ensure your business stays protected against these evolving threats.

Phil Darnell
Previous

How to Fix the Annoying File Explorer Glitch in Windows 11
Next

Protect Your Business from the Growing Threat of Business Email Compromise (BEC)