Attend IT Limited Blog

Phishing is a Threat, Even By Phone

Phishing is a Threat, Even By Phone

Telework has become crucial for businesses to sustain themselves right now, as remote work became a hard and fast requirement in the face of the coronavirus. However, if businesses aren’t careful, they could trade one issue for another in exposing themselves to security threats.

Let’s take a few moments to discuss one threat that many are facing: voice-based phishing, or vishing.

Federal Agencies Have Sounded the Alarm

Both the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency have called attention to this variety of phishing. By calling a targeted victim, rather than sending an email or another kind of correspondence, an attacker can potentially pull the wool over their target’s eyes by using a less-expected attack strategy.

Those who are working from home are being targeted by a vishing campaign intended to acquire the access credentials needed to get into corporate networks. Once these credentials are obtained, the cybercriminals responsible can turn around and sell this access to others for their nefarious use.

How These Attacks Are Presenting Themselves

By registering lookalike domains to pose as a company’s actual resources, cybercriminals set themselves up to steal company credentials. These domains can be extremely convincing, often structured in the following ways:

  • support-[company]
  • ticket [company]
  • employee-[company]
  • [company]-support

As these pages replicate a company’s login page to their virtual private network, unwitting users are more likely to enter their credentials. This means that the attacker is then able to capture these credentials—including multi-factor authentication codes—and use them to gain access to the targeted business’ network.

Once these facsimile pages are completed, criminals then do some digging into a company to learn more about their employees. A profile is constructed, with the name, address, phone number, job title, and even length of employment for each employee included. Using this data, a hacker can call their target through a spoofed number and send them to their fraudulent VPN webpage.

This gives the hacker the means to access an employee’s work account, enabling them to collect more data for further phishing efforts or other data theft efforts. These attacks are now being directed to the team members that are currently working from home, making it even more important for your employees to be able to recognize the signs of phishing.

How to Identify Phishing Scams of All Kinds

  • Exercise caution when dealing with unsolicited calls, voicemails, and any other messages from those you don’t know. If you can, double-check that the person is who they claim to be through another means of communication.
  • Double-check the number of a suspected vishing caller, as well as any Internet domains you may be told to navigate to.
  • Avoid visiting any websites that a caller recommends without good reason to trust their legitimacy.

Attend IT Limited is here to help you with an assortment of your business’ IT needs and concerns, including your cybersecurity. Give us a call at 020 8626 4485 to learn about the services and solutions we can put in place on your behalf.

How Unified Communications Improves Productivity
Three Ways (Out of Many) That VoIP Boosts Producti...

By accepting you will be accessing a service provided by a third-party external to

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Network Security Business Computing Tip of the Week Best Practices Cloud Productivity Hosted Solutions Managed IT Services Disaster Recovery communications Privacy Malware Data Recovery VoIP Data Backup Data Hackers Business Backup Outsourced IT Email Innovation Business Continuity Cloud Computing Small Business IT Services Software Productivity IT Support Efficiency Cybersecurity Mobile Devices Computer Internet IT Support Saving Money Upgrade Hardware Phishing Internet of Things Business Management Automation Smartphone Managed IT services Server Microsoft Collaboration Managed IT Information Technology Mobility Ransomware User Tips BDR Mobile Device Management Save Money Network Risk Management Covid-19 Budget Windows 7 Compliance Managed Service Provider Artificial Intelligence BYOD Avoiding Downtime Remote Computing Smartphones Cost Management Meetings Virtual Private Network Data Management Communication Passwords Password Spam Gadgets History Computers Quick Tips Hosted Solution Firewall Document Management Google Microsoft Office Telephone Systems Router Content Filtering IT Service Paperless Office Manufacturing Managed Service Devices Training Wi-Fi Hybrid Cloud Hard Drives Audit Conferencing Remote Work Value Business Technology Employee-Employer Relationship Solid State Drive MSP Workplace Tips Remote Workers Automobile Marketing Data Breach Recovery Saving Time Printing Data Security Human Resources Windows 10 Instant Messaging Personal Information Redundancy VPN Tech Term Android Wireless Employer-Employee Relationship Networking Bandwidth Mobile Device OneNote Government Voice over Internet Protocol Data Loss Hacking Gamification Colocation Phone System Outsource IT Application Social Media Data Protection Money Entertainment Samsung Time Management Proactive IT Private Cloud Analysis Virtual Assistant Nanotechnology Disaster Going Green Monitoring Business Telephone Office 365 Mobile Computing Applications Black Market Professional Services Workers Chromebook e-waste Fiber Optics Save Time Smart Technology Hacker Azure Backup and Disaster Recovery Two-factor Authentication End of Support Flexibility Mobile Office Proactive HIPAA Workstations Alexa for Business Encryption Electronic Medical Records Printer Management Printers iPhone Computer Repair Lifestyle The Internet of Things Cybersecurty Travel Smart Tech Vendor Windows Server 2008 Project Management Remote Working Students Utility Computing Windows 10 Cybercrime SMB Active Directory Virtualization Operating System Break/Fix Window 10 Software as a Service Spyware Browser Commerce Facebook Development Company Culture PCI DSS Financial Technology Upgrades IoT Telephony Downtime Social Engineering Connectivity Business Intelligence Employees Office Unified Communications Advertising Windows Server Shadow IT Big Data Online Storage Apple Laptop Update Help Desk WPA3 Regulations Compliance Legal Antivirus Wasting Money Dark Web E-Commerce Streaming Media App Copiers intranet Remote Monitoring Evernote Customer Relationship Management User Error Cost Wireless Internet Administration Video Conferencing File Storage Payment Cards Word Education Cleaning Users Managed Services Wireless Technology Holiday AI Computing Amazon Transportation Content Filter SaaS Managed IT Service Voiceover Internet Protocol Work/Life Balance Payroll Vulnerability Regulation Machine Learning Mobile eCommerce Edge Remote Access Control Webinar WIndows Server 2008 How To Digital Signage Credit Cards Hard Drive Employee Managed Services Provider Windows Ink Device Security Worker Policy Twitter Telephone Touchscreen Windows Server 2008 R2 Smart Devices Sales Virus Unsupported Software Solutions Projects WiFi Data Storage Relocation PC Cortana Blockchain Bring Your Own Device iOS Sync Apps Law Enforcement Google Docs Ciminal Innovations Google Drive Memory Admin IT solutions Patch Management Current Events FAQ Music Internet Service Provider Facebook Privacy Google Maps Battery Procedure Chrome Computer Forensics Hyperlink IT Management Troubleshooting Retail App store Root Cause Analysis Updates Unified Threat Management Screen Mirroring Video Games Smartwatch Identities Computer Accessories Alert Text Messaging Settings Reputation YouTube Microsoft Excel Windows 10s Outlook Adobe Wireless Charging Analytics Point of Sale Organization Gmail Wasting Time Scalability CRM Websites Mobile Security Information Augmented Reality Tablets Microsoft Word Safety Robot Cast Health Server Maintenance Inventory Legislation Computer Fan Office Tips Myths Workstation Business Strategy Holidays File Sharing Identity Theft Keyboard Shortcuts Hard Disk Drive Shortcut WannaCry HaaS 5G Tech Support PowerPoint Accessory Internet Exlporer Keyboard Gifts Data Theft Politics Charger Net Neutrality Identity Threats NFL Maintenance Managing Stress Emergency Display Consultant Windows Investment Communitications Comparison Language Vendor Management Telework Testing Social OneDrive Storage Worker Commute Scam Miscellaneous Excel Security Cameras Processor Licensing USB Books Television CrashOverride Medical IT Fraud Peripheral Emails IT Solutions Humor Micrsosoft Experience Data Privacy Scams eWaste Google Assistant Co-Managed Services HBO Search ROI Hosted Desktop Specifications Computer Care Audits Camera Sabotage Sports IT budget Financial PDF Best Practice Benchmarks Virtual Reality