Have you received the following call, or something similar?

“Your account has been compromised. Please call this number to reset your password.” 

In a panic, you return the call, only to be met with an automated recording that asks for your bank account numbers and/or other sensitive information. You’ve been vished and guess who is hiring!

Working remotely goes hand in hand with tech support scammers and vishing actors. The number of crooks calling people who are working from home is exploding right now. It’s the new description for the “Contract Employee.”

We talked about spear phishing, smishing and whale phishing previously. Voice phishing through phone calls is running rampant right now, and the FBI is warning companies and their employees to remain vigilant. Voice phishing attacks have been on the rise since a bitcoin scam took over one of the main social media platforms a few months ago. The attackers’ goal is to convince the targeted individuals to divulge their remote access credentials and then use these details to log in to the company’s network.

The Concern

About four out of five enterprises have adopted mass remote working for their employees, and three out of four are planning to keep it that way indefinitely. Crooks are naturally turning their attention to this shift, deploying both new and old tricks to phish credentials from employees who are now isolated and more vulnerable. As for the origin of the attacks, it is all over the place, ranging from small and inexperienced cyber-criminals to highly sophisticated state-supported APT groups.

Source: Check Point

The theme used by the actors is most often “tech-support,” as this sets the stage to ask for credentials without making it look suspicious. In some cases, the victims see a pop-up alert on their computer and are convinced to install a RAT (remote access tool), making the hackers’ job even easier.

In other cases, the hackers call the victim and request the 2FA code that they just received, pretending to be a support representative in the process of fixing a problem for the customer. The crooks then use this code to access the victim’s email, IM, or banking account.

New hires sent to work from home are a category of their own, as they didn’t have enough time to get trained against vishing threats. Again, LinkedIn offers this valuable information to the attackers, who call the new employees pretending to be a colleague in need of assistance with VPN access. The hackers use real names of other employees of the company to convince the target, and oftentimes, they succeed.

When someone calls you and pretends to be from the company you’re working for, ask for their number to call them back and confirm it with the firm’s employee database. If they stutter or claim technical problems, just hang up. They will probably give up trying to phish you specifically, but reporting this incident to the company is key to protecting your colleagues as well.

Want more tips? Follow us to learn more about IT security solutions and monitoring. We can help you design a solution to meet your needs. Here at ManagedTEK we strive to provide top security solutions. If you have an immediate IT need, you can always reach us at 707.205.3727. ManagedTEK’s goal is to create a plan specifically focused on each business that we serve. Technology made simple.