Skip links

Fake IT support scams: how to spot them and stay safe

fake IT support calls and how to spoty them

The rise of fake IT support scams

As businesses increasingly rely on IT systems, cybercriminals have upped their game, targeting businesses with fake IT support scams. These scams often pretend to be genuine support calls, emails, or messages, tricking team members into sharing sensitive information or installing malware.

Small and medium-sized businesses (SMBs) are particularly vulnerable due to their limited resources and often less robust cyber security measures. So, how do these scams work, and how can your business avoid falling victim?


How fake IT support scams work

Imagine you’re mid-cuppa when the phone rings. The person on the other end claims to be from your IT provider—or worse, “Microsoft Support.” They sound techy and throw around big words like “vulnerabilities” and “breaches.” Before you know it, they’re asking for remote access to your computer or payment to “fix” a made-up problem.

Spoiler alert: They’re not from Microsoft.

Here’s their playbook:

  1. Step 1: Scare you silly with a fake problem.
  2. Step 2: Build fake trust with big words and urgent tones.
  3. Step 3: Ask for money, access, or both.
  4. Step 4: Vanish like your last piece of chocolate, leaving chaos behind.

Warning signs of fake IT support scams

Keep an eye out for these red flags:

    • Unsolicited calls or emails: If you didn’t request support, it’s probably not real.
    • Pressure tactics: “Act now or your whole system will crash!” Nope, don’t fall for it.
    • Generic greetings: “Dear User” or “Valued Client” screams scam.
    • Dodgy pop-ups: Real IT providers don’t use pop-ups to communicate. Ever.
    • Immediate payment demands: If they ask for your bank details, hang up and report it.
    • Too much jargon: If they’re trying to confuse you, they’re probably hiding something.

Steps to protect your business

  1. Educate your team: Train them to recognise scams and stay alert.
  2. Verify contacts: Always double-check claims by contacting your IT provider directly—don’t use details from suspicious messages.
  3. Strengthen security:
    • Turn on multi-factor authentication (MFA).
    • Keep software and systems updated.
    • Use firewalls and endpoint protection.
  4. Limit access: Only trusted team members should handle IT decisions.
  5. Report it: If something feels off, report it to your IT provider straight away.

What to do if you’re targeted

If you suspect a fake IT support scam, take these steps:

  • Don’t engage: Hang up the phone or delete the email without responding.
  • Secure your systems: Disconnect any device that may have been compromised and alert your IT team or MSP.
  • Report the scam: Notify Action Fraud or your local cyber security authority to help prevent others from falling victim. 

Why choose Cloud & More?

At Cloud & More, we believe in keeping things simple, personal, and scam-free. We’re the ones who pick up the phone (no voicemails here!) and genuinely care about keeping your business safe. From phishing awareness training to endpoint protection, we’ve got your back.

If you want to chat about cyber security, give us a call. No jargon. No pressure. Just good advice—plus maybe a biscuit if you visit the office.

Don’t let scammers catch
you off guard!

Cyber awareness training isn’t just a box to tick; it’s a vital investment in your business’s future. Think of it as teaching your team to spot a phishing email faster than they can spot the last slice of office cake. With Phished, you can turn your team into a robust defence against cyber threats, giving you peace of mind and a competitive edge.

Let us help you make cyber security personal with a FREE cyber awareness check Contact Cloud & More today. 

cyber security
Share the Post: