Cyber Criminals Are Impersonating IT Helpdesks – Here’s How to Stay Vigilant
- Nick Zimaras
- 4 days ago

In a worrying development, several major UK retailers – including Marks & Spencer, Harrods and Co-op – have been targeted by cyber criminals in recent weeks. One alarming tactic used by attackers is impersonating IT helpdesk staff to trick employees into handing over login credentials or approving password resets.
According to guidance issued by the National Cyber Security Centre (NCSC), these criminals are using social engineering techniques to gain access to sensitive systems – often by pretending to be the IT department and requesting urgent password resets. In some cases, they’ve even contacted actual helpdesk staff while pretending to be locked-out employees.
The NCSC is urging organisations to tighten their password reset procedures and reassess how IT teams verify staff identity before making changes. With this in mind, CJAZ Consulting is reminding all clients to stay alert and implement some practical verification steps to reduce the risk.
6 Simple Cyber Security Checks to Verify Your IT Helpdesk Is Genuine
Here are 6 quick and practical checks you can put in place immediately to reduce your exposure to these kinds of attacks:
Was the contact expected?
Be cautious of out-of-the-blue calls or emails claiming to be IT. Genuine support usually comes through a known ticketing process or is pre-arranged.
Double-check contact details
Always cross-reference phone numbers and email addresses with your internal contact directory. If something looks off, trust your instinct and verify.
Ask for ticket details
A legitimate IT support team should know your helpdesk ticket number and the background. If they’re vague or avoid answering, that’s a red flag.
Never share passwords or codes
IT will never ask for your password or two-factor authentication code. If they do, end the conversation and report it.
Call them back
Don’t feel pressured to act immediately. Politely hang up and call back on a verified number from your company’s internal contact list.
Encourage reporting
Promote a culture where your team knows it’s OK to challenge suspicious requests and report anything unusual – even if it turns out to be harmless.
Want peace of mind? We can help.
At CJAZ Consulting, we help businesses close security gaps before they’re exploited. With ESET’s industry-leading MDR (Managed Detection & Response), you get:
24/7 protection by real-world threat hunters and AI-powered tools
Rapid response to any active attack – threats are shut down fast
Compliance-ready cybersecurity for peace of mind and insurance alignment
If you're unsure how secure your current setup is, let’s talk. We can assess your existing defences and help you tighten your processes before attackers try their luck.
Call CJAZ 020 3950 0360