
Scammers Pretending to Be IT Support on Microsoft Teams: Protect Your Work Computer
Criminals are calling workers through Microsoft Teams, pretending to be company IT staff to trick them into installing malware that steals business information.
Source
BleepingComputer
Original headline: Fake IT support calls on Microsoft Teams push EtherRAT malware
Plain-English summary by GetCyberRight. Read the full report at the source above.
Cybercriminals have started a new scam targeting people at work through Microsoft Teams voice calls. The attackers pretend to be IT support staff from the victim's own company. During these fake support calls, they convince employees to install software that they claim will fix a computer problem. Instead, the software is malware called EtherRAT that gives criminals access to the company's network and allows them to steal information. This threat primarily affects people who use Microsoft Teams for work, especially employees at medium and large companies. If you or someone in your household uses Teams for their job, they could receive one of these scam calls. The criminals are specifically targeting employees to gain access to corporate networks, business data, and company systems. Home users who only use personal email and social media are not the primary targets of this particular scam.
If you use Microsoft Teams at work, follow these steps to protect yourself and your employer:
- Never install software based on an unsolicited call, even if the caller claims to be from your IT department.
- If someone calling through Teams asks you to install something, hang up and contact your real IT department using a phone number or email you already have.
- Remember that legitimate IT staff will usually create support tickets and will not mind if you verify their identity before following instructions.
- Report any suspicious Teams calls to your company's IT security team immediately.
- Check with your IT department about their actual procedures for software installation and support requests. This scam works because it exploits trust and creates urgency. Teach your family members who work from home to be skeptical of unexpected technical support offers, even when they come through official work channels like Teams. The same principle applies to phone calls, emails, or messages claiming to be from technical support at banks, internet providers, or other services. Real support teams will not pressure you to act immediately or get upset if you verify their identity through official channels first. Taking a moment to confirm who you are talking to can prevent a successful cyberattack.
Curated from trusted cybersecurity sources by GetCyberRight
Source: BleepingComputerStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles

AI Used in Ransomware Attack, But Humans Still Calling the Shots
A recent ransomware attack used AI to execute technical steps, but criminals still controlled the important decisions. Your basic security habits remain your best defense.
2 min read
AI Helps Hacker Attack a Company, But Humans Still Run the Show
AI tools are making attacks faster, but criminals still need technical skills and planning. Your current security habits remain your best defense.
2 min read
Canadian Intelligence Agency Took Action Against Criminal Groups
Canada's Communications Security Establishment conducted offensive operations against ransomware criminals, extremist groups, and drug traffickers in 2025.
2 min read
Canadian Spy Agency Fights Back Against Criminal Hackers
Canada's cybersecurity agency hacked three criminal groups in 2025, including ransomware gangs. This is good news for potential victims of these criminals.
2 min read