Overview:

The Government of Newfoundland and Labrador is aware of recent spear phishing attacks targeting individuals. The attacker floods the individual’s mailbox with deceptive emails and then impersonates their help desk technician via contact through Microsoft Teams. These calls attempt to gain remote access to the individual’s devices using Microsoft’s built-in Quick Assist tool.

These attacks are designed to manipulate recipients into revealing sensitive information or allowing unauthorized access.

Safety Tips:

• Limit unnecessary tools, disable and block Microsoft Quick Assist in environments where it is not required.
• Review security policies and protections to ensure strict controls are in place for external communication, email filtering, and remote access tools.
• Beware of impersonation, as attackers may pose as trusted personnel like IT support. Confirm identities through official channels.
• Report suspicious activity (e.g., unusual emails, messages, or calls) to your security team.