Small businesses have spent years training employees not to click suspicious links. That still matters, but attackers are now leaning harder on something more personal: the phone.
Recent reporting from Google Threat Intelligence and others has highlighted voice phishing, often called “vishing,” where attackers call employees while pretending to be IT support, a vendor, or a help desk representative. The goal is simple: convince someone to approve a login, share a code, reset multi-factor authentication, or connect a cloud app that should never have been approved.
For a small business, that one call can open the door to Microsoft 365, Salesforce, SharePoint, Slack, Google Drive, DocuSign, or other business systems.
These scams work because they sound normal. An employee may hear something like:
The caller may know the company name, employee name, vendor names, or even internal-sounding language. That makes the request feel believable.
The risk is not only that a password gets stolen. In many modern attacks, criminals are trying to steal access tokens, register their own device, or trick a user into approving access to a cloud app. That can let them enter business systems without needing the employee’s password again.
Many Orlando-area small businesses use cloud tools every day for customer records, invoices, files, email, schedules, and internal communication. If one employee account is taken over, the attacker may be able to:
The business impact can be serious: lost trust, payment fraud, downtime, legal stress, and expensive cleanup.
Start with simple staff rules. Employees should know that real IT support will not pressure them to approve a surprise login, share a code, or bypass normal procedures.
Create a callback process. If someone receives an unexpected IT or vendor call, they should hang up and call back using a trusted number already on file.
Review multi-factor authentication settings. Push approvals and SMS codes are better than passwords alone, but phishing-resistant options such as security keys or passkeys offer stronger protection for higher-risk accounts.
Audit cloud app permissions. Many businesses do not regularly check which outside apps have access to Microsoft 365, Salesforce, Google Workspace, or other systems.
Monitor suspicious sign-ins. Look for unusual locations, new devices, odd login times, and unexpected app authorizations.
Limit access by role. Not every employee needs access to every file, mailbox, customer record, or admin tool.
The new help desk scam is dangerous because it feels like ordinary business communication. A calm, confident phone call can be just as risky as a malicious email.
Himala and his team at Cybernetic Networks have been amazing. We have been a customer of Cybernetic Networks for well over 14 years now, both personally and professionally. Himala and his team are professional, reachable and on the cutting edge of technology. We have enjoyed doing business with Cybernetic Networks for many years and still rely on their knowledge, skills and technology every day
Himala and his Cybernetic team have never let me down! For over 10 years now they have been fixing my technical issues, set up all my new networks and computers and have safeguarded me from any hackers or malware. You can trust this company to navigate you as your company grows and to keep you on track with the latest in security and safety
I am a solo practicing neurologist and have had all my IT needs covered through Cybernetic Networks since 2007. They are the best! All of their tech support staff is extremely knowledgeable and efficient. Just as importantly, they are quickly responsive whenever we need their assistance. I couldn’t be happier with their service and give them my highest recommendation!
I couldn't be happier with Cybernetics - they are experts, always respond quickly , and solves any issues I have.
Cybernetic Networks has been advising and supporting all our IT issues and purchases for the last 18 years. They are very responsive and extremely knowledgeable- always providing us with timely services.
It is not often you find small business companies that are not only rewarding to work with, but also have integrity, truth and skill. I have worked with this company for over 20 years, and the service is outstanding. I can easily recommend that if you need an IT company, this is the one to get. Full STOP! Look no further, you will be happy that you did. Sue Myhelic, Gulf Breeze Real Estate, Naples, Florida.
Himala and his team from Cybernetic Networks, Inc. has been an integral part of our successful retail business for the past 20 years. He is extraordinarily knowledgable and always available for our IT needs. Thanks to Himala and his team we are always up and running.
