Cybercriminals’ methods for infiltrating networks and stealing sensitive data are constantly evolving. Among the most deceptive tactics they use are technical support scams and internal IT help desk scams. In tech support scams, attackers pose as representatives of well-known technology companies and claim they will fix non-existent issues. These fraudulent communications may arrive as unsolicited pop-up messages, social media adverts, or phishing calls or emails. The attackers then run a fake “scan” of the computer, “find” non-existent issues, and claim they need remote access to remedy them. Once access is granted, they may install malware, enroll the victim in a fake support contract, or demand payment for fraudulent software or services.
In IT help desk scams, cybercriminals pretend to be internal IT staff, often using urgent language to manipulate employees into granting access to secure networks or sharing confidential information. Tactics commonly include voice phishing (vishing), text message phishing (smishing), fraudulent emails, and fake messages sent via collaboration platforms.
In both types of scam, cybercriminals rely on social engineering to fool employees: they communicate with urgency, use technical jargon, and apply scare tactics (e.g., claiming there is a major issue) to pressure employees into divulging sensitive information. When someone believes they are speaking with a legitimate authority figure who is offering help, they are more likely to comply with requests that compromise security.
The consequences of falling victim to these scams can be severe. Beyond the immediate loss of data or financial assets, organizations may suffer long-term damage to their reputation, face regulatory penalties and experience operational disruptions. Recovery can be costly and time-consuming, especially for organizations without robust incident response plans. Fortunately, raising employee awareness is an effective way to reduce the risk of these attacks.
Employees should be mindful of the following red flags:
- Unsolicited contact (e.g., calls, emails, pop-up messages) from someone claiming to be tech support or IT staff
- Credential requests for passwords, multifactor authentication (MFA) codes or remote access
- Urgent language or threats of consequences if immediate action isn’t taken
- Anomalous payment requests through non-conventional methods (e.g., untraceable gift cards, cryptocurrency, wire transfers, links to enter payment details)
Prevention Strategies
Employers can take several proactive steps to protect their organizations, such as the following:
- Implement regular cybersecurity training that includes real-world examples of scams and phishing attempts.
- Establish clear protocols for IT support communications, including verification steps.
- Use MFA to add a layer of security.
- Limit administrative privileges to reduce the potential impact of a compromised account.
- Foster a culture of cybersecurity where employees feel comfortable questioning suspicious requests, even if they appear to come from internal sources.
In addition, businesses should maintain up-to-date security software, monitor network activity for unusual behaviour and have a response plan in place in case of a breach.
Did you know that 60% of small and medium businesses don’t survive after a cyber attack? Protect your business with Cyber Insurance, call us at 780.424.2727 or click here to get a quote.