Try this first
- 1First reaction: do nothing that costs money or grants access. Hang up or say 'I will call back'.
- 2Call back on the phone number you have in your own contacts, not the number they called from. Caller-ID name shows, but it can be spoofed.
- 3Ask a control question only the real person can answer. Not 'when is your birthday' (on LinkedIn), instead 'what did we eat at last week's team lunch'.
- 4On suspicion of fraud: notify colleagues via Teams or mail (from a safe channel). Do not wait with 'maybe it was real', better safe afterwards than halfway-transferred.
- 5Write the scenario for your team: 'if someone calls saying I need to transfer money, do this'. Four lines on an internal wiki.
When to bring us in
An actual CEO fraud attempt (urgent transfer request, pressing tone, unusual channel): call us immediately, even if nothing has happened yet. We help with police report and possibly number takedown.
See also
- I think I clicked a phishing linkNo shame, happens to everyone. The next fifteen minutes matter.
- A colleague's account is acting strangelySending mail in their name, rules hiding folders, unusual sign-ins. Suspicious.
- Lost the MFA app: new phone, no backup codesClassic problem after a phone upgrade. You are not the first to be locked out.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.