Tech Updates
Beware that “support call” – it could be a ransomware scam
If you get a call claiming to be from Microsoft Teams support, think twice before doing what they ask.
There’s a new trend for scammers to pose as “help desk” staff, with the aim of tricking employees into letting them take over their devices.
This is part of a larger ransomware attack, where you’ll be denied access to your business data unless you make a hefty payment to get it back.
Recently, a notorious cyber crime group has taken this scam to a new level.
First, they’ll flood an employee’s inbox with so much spam that it becomes unusable. Then they swoop in with a phone call, pretending to be from IT support, offering to “fix” the problem.
They may ask your employee to install remote desktop software like AnyDesk or use built-in tools like Windows Quick Assist. Once they have access, they can move around your network, collect sensitive data, and launch ransomware on your devices.
Be warned – they don’t only reach out over the phone. They’ve also started setting up Teams accounts to make employees think they’re part of IT support.
They do this by choosing usernames like “Help Desk” and using fake Microsoft tenant domains such as “securityadminhelper.onmicrosoft .com”. Then they send one-to-one messages to employees, saying they need access to their device.
Ransomware attacks are serious business. Along with locking you out of your data, they can also shut down your operations, disrupt customer service, and potentially leak confidential information.
Recovering from a ransomware attack can be expensive, both in terms of paying the ransom and dealing with the aftermath. It can cause loss of revenue, damage your reputation, and it could even have legal consequences.
Make your team aware of this scam and encourage everyone to be cautious with any unsolicited support calls or Teams chats. And make sure everyone knows to check with your actual IT department first, if someone is asking to install software or gain access.
Also, if you use Microsoft Teams in your business, make sure it’s set up securely. Only allow external chats from trusted domains, and make sure chat logging is enabled.
If you want extra help safeguarding your setup, we can do that. Get in touch.
Here’s how to fix that Windows 11 File Explorer glitch
If you’ve installed version 24H2 of Windows 11 for your business, you might have noticed an annoying glitch in File Explorer.
File Explorer is that familiar window you use to browse your files and folders. Normally, it’s straightforward – but some people are running into issues with the “See more” menu after downloading this update.
The menu, which is marked by three little dots, usually pops up below your mouse cursor, giving you options like “Select All” or “View Properties”.
But thanks to a recent bug, the “See more” menu is flying up to the top of the screen, often disappearing out of sight. And if you’re using File Explorer in full-screen mode, some menu options might not even be visible.
Frustrating, to say the least.
Luckily, there’s a simple workaround: Just make sure you’re running File Explorer in windowed mode where it shares the screen with other applications. To do this, click the square icon in the top-right corner (next to the “X” you’d click to close it).
You can then resize the File Explorer window, allowing you to use the “See more” menu, even if it’s still misbehaving.
The good news is that Microsoft are aware of the problem. They’re working on a fix.
Little glitches like this can be a nuisance when you and your team are trying to get things done.
Can we help you squeeze more productivity out of your applications? Get in touch.
Security alert: Attacks on business email accounts are surging
Email has become an essential tool for any successful business, but as the saying goes, “with great power comes great responsibility”.
As a business owner, it’s your responsibility to make sure your emails are secure. It’s one of the key ways to stop your business data falling into the wrong hands.
Business Email Compromise (or BEC) is a growing threat. And if you become a target, it could cost you – big time.
So, what exactly is a BEC attack?
In simple terms, it’s where scammers pose as people high up in the business, like CEOs, executives, and IT staff. The goal is to trick your employees into sharing sensitive information or sending money. Research shows that nearly 90% of BEC attacks are set up this way.
It’s easy to see how someone might quickly respond without a second thought, especially when they trust the sender.
BEC attacks have spiked dramatically this year, especially over the third quarter. Researchers have analysed 1.8 billion emails worldwide, discovering a shocking 208 million malicious emails among them. And of these malicious emails, more than half (58%) were BEC attempts.
The figures make it clear: BEC scams are now the biggest email threat to businesses.
Another thing worth noting? Most BEC scams target employees lower in the business, who might be less likely to question authority or be less aware of cyber threats.
Although BEC attacks are common, it’s also important to remember that scammers still use other methods too. This includes commercial spam and phishing attacks, which are designed to trick people into sharing personal information, like login details.
In fact, the combined effect of these types of scams now overshadows traditional ransomware and malware attacks.
Luckily, it isn’t complicated or expensive to protect your business.
Simply make sure that all members of your team are trained to think twice about every email they receive.
If an email asks for sensitive information or a financial transaction – especially if it feels urgent – your employees should know to stop and check with someone before they action anything.
If you need help making sure your business is secure, get in touch.
Can’t find what you need in Teams? This makeover will increase your business’s productivity
Ever feel overwhelmed by the maze of chats, channels, and notifications in Microsoft Teams? Well, here’s the good news: Microsoft’s rolling out an update to help streamline things.
The update will create a simpler workspace that’s easier to navigate – grouping everything in one location under the Chat menu. Think of it as a central hub where all your key conversations and notifications live.
The update also includes a new “@mentions” view that gathers all your direct messages and important mentions in one place. This will make it easier to catch up on messages you’re tagged in, helping you to make sure important notifications don’t slip through the cracks.
Teams will also be getting improved filters and controls. This will let you do things like filter out less urgent notifications, as well as create custom sections to keep your chats, channels, and meetings organised by project or topic.
Another great feature being introduced is a new “favourites” section, allowing you to pin your top chats and channels for quick access.
Also, threaded conversations are expected to arrive some time in mid-2025. This will mean that replies get grouped together in the same thread, making it easier to follow discussions without losing track of previous messages.
All these improvements are coming to desktop, Android, and iOS – so your team will be able to stay on top of things no matter where they are.
If you’re not already using Teams to keep communication flowing in your business, now’s a great time to start. We can help with that, get in touch.
Security alert: Does your business have old logins for ex-staff?
When someone leaves your business, you might be so wrapped up in the rush of everyday tasks, you forget to delete their login details.
It’s easy to overlook. You’ll get around to it later, right?
But unused login details could be a ticking time bomb for security breaches, leaving the doors wide open to cyber criminals. It can also be an unnecessary drain on your budget if you’re paying for old subscriptions you no longer need.
A recent report found that almost half of businesses had accounts that were no longer actively managed.
If you’ve forgotten about an account, you’re not monitoring it. And this leaves your business vulnerable to attacks.
These risks aren’t just hypothetical, either. Many cloud security breaches happen because unused login details and accounts have been compromised.
So, what do you need to do?
Take the time to audit all accounts and login details used by your business. Make sure you no longer have accounts open for ex-employees (and check that their access has been fully revoked, not just left inactive).
The same goes for any software or service that you’ve stopped using in your business. You might not realise you’re still paying for a service you haven’t touched in months – or even years.
Going forward, make sure you have a clear process for when people leave, and regularly review the applications and services your business uses.
If you’re not sure where to start, let us help you perform a security review and make sure you’re not leaving your business exposed to unnecessary threats. Get in touch.