FBI Warns of “Vishing” Threat

Not only do we have to worry about the ongoing pandemic and COVID-19-themed phishing emails, but now we also have to worry about a technique called “voice phishing,” or vishing. Vishing has been around for years, but the FBI is warning of a new vishing attack targeting telecommuters.

In this vishing attack, the actors gather information on a company’s employees from social media platforms, marketing tools, and open-source research. An actor then calls an employee on their personal cell phone and, using knowledge of the employee’s name, position, duration at the company, and home address, applies social engineering techniques to gain the employee’s trust. Some actors pose as members of the company’s IT help desk.

The actors then convince the employee that a new connection to the company’s network is required and that they will email the new link. The employee is told that the new link will require the employee’s user ID, password, and any two-factor authentication prompts. The link, of course, gathers and stores all of that information for the actors. With that information, the actor now has access to the corporate network and corporate data. If the multi-factor authentication does not allow access, the actor uses further social engineering to get the employee to provide the current multi-factor information.

Below are some steps you can take to protect yourself from this type of vishing attack:

  • Know that Cooper’s IT department will never call you asking for your password or multi-factor information.
  • Verify that web links do not contain misspellings or the wrong domain.
  • Do not visit alternate URLs on the sole basis of an inbound call. Bookmark the correct corporate VPN URL.
  • Be suspicious of unsolicited phone calls or emails.
  • Do not provide personal information or information about your organization.
  • If you suspect the call is vishing, document the phone number of the caller.
  • Limit the amount of personal information you post on social networking sites.
  • Do not change any settings on your corporate-provided devices.

If you believe you received a vishing call, call Cooper’s IT Help Desk at 856.968.7600. The Help Desk will notify the IT Security and the Information Assurance and Privacy departments. If you have any questions, please contact Phil Curran at privacyofficer@cooperhealth.edu or 856.536.1317.

Source: https://krebsonsecurity.com/2020/08/fbi-cisa-echo-warnings-on-vishing-threat/