Fake IT Scams Rise While Canada Helpdesk Faces Internal Issues

New scams are using fake IT support on platforms like Teams. This is more dangerous than old email scams because it happens in real-time.
By Newsroom | Technology, Business |

A recent online post detailing alleged misconduct within an IT helpdesk team has brought internal workplace dynamics under a microscope, concurrently with a rising tide of sophisticated cyber threats that impersonate similar support roles. While one employee aired grievances about colleagues faking meetings, shirking duties, and sleeping on the job within a small IT helpdesk in Canada, a broader landscape reveals malicious actors exploiting the very idea of IT support for nefarious purposes. The dichotomy highlights a potential vulnerability: is the perceived breakdown of internal accountability mirroring or enabling external security risks?

IT helpdesk worker finds co-workers faking meetings, dodging calls and even sleeping on shifts - now one response from management has them questioning their own honesty - 1

Internal Discord and External Exploitation

The controversy erupted on Reddit, where an employee of approximately one year described a team of about ten individuals where a mere fraction appeared to be performing their duties conventionally. Allegations included extended lunch breaks beyond the allotted time and inflated documentation periods stretching out routine tasks. This internal depiction of operational slack is unfolding as external threat actors increasingly weaponize the "IT helpdesk" persona. Security reports from the past year detail how cybercriminals are moving beyond traditional email phishing to target organizations through platforms like Microsoft Teams. These attackers are not just sending malicious links; they are engaging in real-time social engineering, impersonating IT support personnel to trick unsuspecting employees into granting remote access, resetting multi-factor authentication, or installing malware and ransomware.

Read More: Monash University Researchers Create New Light Chip System

IT helpdesk worker finds co-workers faking meetings, dodging calls and even sleeping on shifts - now one response from management has them questioning their own honesty - 2

A Shifting Threat Landscape

The tactics employed by these malicious entities are evolving rapidly:

IT helpdesk worker finds co-workers faking meetings, dodging calls and even sleeping on shifts - now one response from management has them questioning their own honesty - 3

  • Voice Phishing (Vishing) and Direct Impersonation: Threat actors are initiating direct phone calls and Microsoft Teams chats, posing as executives or IT staff. They leverage personal data scraped from public sources like LinkedIn to lend credibility to their claims, often requesting urgent actions such as MFA resets.

  • Exploiting Platform Features: Microsoft Teams' internal communication and external collaboration features are being leveraged. Attackers are initiating one-on-one chats and calls, sometimes bypassing standard security warnings that may appear only briefly.

  • Payload Delivery: Once trust is established, attackers may guide victims to download malicious payloads or grant screen-sharing access, leading to the deployment of ransomware from groups like Black Basta and Cactus, or enabling data theft.

  • Evading Detection: These methods are proving difficult to intercept with traditional email security measures, as the communication occurs in real-time within collaborative platforms. Attackers are also known to modify system settings to ensure persistence after initial access.

The Human Element: Trust and Deception

The core of these attacks relies on the inherent trust placed in IT support personnel and the familiarity of collaborative tools like Microsoft Teams. Cybercriminals are banking on employees’ tendency to trust requests originating from seemingly legitimate internal channels, especially when presented with a sense of urgency or technical necessity. This is compounded by the ease with which fake identities can be created or impersonated, potentially exacerbated by the internal observations of a lax environment where accountability might be questioned. The ease of initiating external communications on platforms like Teams, coupled with potentially brief or easily dismissed security warnings, creates a fertile ground for these deceptive practices.

IT helpdesk worker finds co-workers faking meetings, dodging calls and even sleeping on shifts - now one response from management has them questioning their own honesty - 4

Background: The "Fake IT Helpdesk" Phenomenon

The trend of attackers impersonating IT helpdesks is not new, but its migration onto collaborative platforms like Microsoft Teams marks a significant escalation. Historically, such scams relied on phone calls or emails. However, the immediacy and perceived security of platforms where work communication regularly occurs have made them a prime target. This evolution is partly driven by the increasing sophistication of social engineering and the discovery that human trust remains a critical vulnerability. Security firms have noted the shift, highlighting that platforms offering real-time interaction present unique challenges for detection and prevention, often circumventing traditional security protocols designed for less dynamic communication methods.

Read More: Ibiza Club Owner Loses £30,000 and Bentley Due to Alcoholism

Frequently Asked Questions

Q: What is happening with IT helpdesks?
Some employees claim their IT helpdesk colleagues are faking work, like sleeping on the job. At the same time, criminals are pretending to be IT support to scam people.
Q: How are criminals scamming people using IT support?
They use platforms like Microsoft Teams to pretend to be IT staff. They call or message employees to trick them into giving remote access or resetting security codes.
Q: Why is this new scam dangerous?
These scams happen in real-time on work apps like Teams, making them harder to stop than old email scams. Attackers use personal info to seem real and exploit trust in IT staff.
Q: Who is affected by these IT scams?
Employees in companies are affected, especially those who use platforms like Microsoft Teams for work. They could lose company data or allow malware onto their systems.
Q: What happens next with these IT scams?
Companies need to train employees to spot these fake IT support scams. Better security on platforms like Teams is also needed to stop attackers from tricking workers.