The FBI is cautioning that cybercriminals are taking advantage of VoIP systems to target company employees in complicated voice phishing attacks.
— Arnaud Vanderroost (@avdrst) January 18, 2021
As the pandemic has compelled unusual numbers of employees to work remotely, retaining the same corporate security level has become a problem. Cybercriminals are taking advantage of this by gaining access to VoIP systems and company chatrooms and then persuading employees to log into counterfeit VPNs to embezzle their credentials.
FBI warns of vishing attacks stealing corporate accounts#cybersecurity #riskmanagement #phishing #malware #Infosec#cyberthreats #ramsomware #hacking #dataprotection #privacy#dataleak #informationsecurity #cyberattacks #databreachhttps://t.co/eg1sXnDFC2 pic.twitter.com/oOr2oKjF3P
— Paula Piccard 🇵🇷 🇺🇸 (@Paula_Piccard) January 20, 2021
The FBI put out an advisory to caution companies and enable them to mitigate the threat.
The FBI's recent #vishing warning references attacks that began in December 2019. But the alert is reminiscent of the Twitter social engineering attacks that took place last July: https://t.co/eIMDcbWvnK #cybercrime pic.twitter.com/2taKEzdu5d
— TechTarget Security (@SearchSecurity) January 20, 2021
As of December 2019, cybercriminals worked together to target both US-based and international-based employees’ at large companies using social engineering methods. The cybercriminals vished these employees through the use of VoIP platforms.
What are Vishing attacks?
- Vishing attacks are voice phishing, which happens during a phone call to users of VoIP
- During the phone calls, employees were fooled into logging into a phishing webpage to seize their username and password.
- After attaining access to the network, many cybercriminals found they had more significant network access, encompassing the proficiency to escalate privileges of the compromised employees’ accounts, thus letting them gain further access into the network, often resulting in substantial financial
For instance, the cybercriminals found an employee via the company’s chatroom and persuaded the person to log into the fake VPN page regulated by the cybercriminals. The actors wielded these credentials to log into the company’s VPN and conducted reconnaissance to discover someone with elevated privileges.
The cybercriminals looked for employees who could execute username and e-mail alterations and found an employee through a cloud-based payroll service. The cybercriminals utilized a chatroom messaging service to reach and phish this employee’s login credentials.
The FBI suggests numerous mitigation measures, comprising facilitating multi-factor authentication, commencing new employees with least security privileges, vigorously searching for unauthorized access or mutations, carrying out network segmentation, and providing administrators two accounts, one with admin privileges and the second other duties.