Serving Central Virginia for Years

Blog

Network Integration Specialists, Inc. Blog

Network Integration Specialists, Inc. has been serving the Central Virginia area since March of 2000. We provide IT Support such as technical helpdesk support, networking support, custom software and database development and IT/Business consulting to small and medium-sized businesses. Our experience has allowed us to build and develop the relationships and infrastructure needed to keep our prices affordable and our clients running efficiently.

How to Spot and Stop Microsoft 365 Passkey Vishing Scams

How to Spot and Stop Microsoft 365 Passkey Vishing Scams

Cybercriminals are using new tricks to target Microsoft 365 users, posing as internal IT staff and calling employees to walk them through a fake passkey enrollment process. This vishing (voice-phishing) campaign is designed to trick staff into giving attackers access to business accounts, leading to data theft and extortion. Here’s what you need to know and the practical steps you can take to protect your organization.

Why This Matters to Small Businesses

Small businesses and nonprofits often rely on Microsoft 365 for email, file storage, and collaboration. When attackers gain access to these accounts, they can steal sensitive data, disrupt operations, and demand payment to return your files. Because this scam uses phone calls and impersonates trusted IT staff, it can bypass many technical security controls and catch even cautious employees off guard.

How the Scam Works

In this campaign, attackers call employees and claim to be from the company’s IT department. They say they are helping with a new security upgrade or passkey enrollment for Microsoft 365. The caller then directs the employee to a website that looks like a Microsoft passkey setup page. While the employee follows instructions, the attacker registers their own passkey on the real Microsoft 365 account. This gives the attacker ongoing access, even if the password is changed later. Once inside, the attacker may steal files or threaten to leak sensitive information unless a ransom is paid.

It’s important to note that this scam does not exploit a weakness in passkeys or multi-factor authentication (MFA) itself. Instead, it relies on social engineering—tricking people into helping the attacker. The scam is especially effective because many organizations are currently rolling out legitimate passkey enrollment, making the request sound plausible.

How to Protect Your Team

  • Verify unexpected IT requests: If you receive a call about enrolling a new passkey or any security change, pause and verify. Use a known company contact method—such as your official IT help desk number or internal chat—not the number the caller provides.
  • Remember the rule: Real IT staff will not call out of the blue and walk you through a passkey setup. If you’re unsure, hang up and reach out through your usual IT support channel.
  • Look for signs of urgency or secrecy: Attackers often pressure you to act quickly or keep the call confidential. This is a red flag.
  • Share this guidance with your team: A quick reminder can help everyone recognize and avoid these scams.
  • Report suspicious activity: If you think you’ve interacted with a scammer, let your IT support know right away so they can help secure your account.

How NIS Helps Manage the Risk

NIS helps small businesses and nonprofits stay ahead of emerging threats by monitoring security news, updating best practices, and providing staff awareness training. We support secure Microsoft 365 configurations and guide clients through safe adoption of new technologies like passkeys and multi-factor authentication. If your team needs help understanding or responding to new scam tactics, NIS is here to provide clear, practical advice and support.

Staying alert to social engineering is just as important as technical security. Remind your team: always verify IT requests through a trusted channel. It’s a simple habit that stops most scams before they start.

Don't Approve a Microsoft Sign-In You Didn't Start...
Comment for this post has been locked by admin.
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Friday, 10 July 2026

Captcha Image

Customer Login

News & Updates

Cybercriminals are using new tricks to target Microsoft 365 users, posing as internal IT staff and calling employees to walk them through a fake passkey enrollment process. This vishing (voice-phishing) campaign is designed to trick staff into giving...

Contact us

Learn more about what Network Integration Specialists, Inc. can do for your business.

Network Integration Specialists, Inc.

Copyright Network Integration Specialists, Inc. All Rights Reserved.