fbpx

Your IT Support Experts

We partner with many types of businesses, and strive to eliminate IT issues before they cause expensive downtime.

Home

Stores

About Us

IT Services

Understanding IT

News

Blog

Contact Us

Support

Free Consultation

Interested in seeing what we can do for your business? Contact us to see how we can help you! Sign Up Today

JensenIT Blog

Phishing is a Threat, Even By Phone

Phishing is a Threat, Even By Phone

Telework has become crucial for businesses to sustain themselves right now, as remote work became a hard and fast requirement in the face of the coronavirus. However, if businesses aren’t careful, they could trade one issue for another in exposing themselves to security threats.

Let’s take a few moments to discuss one threat that many are facing: voice-based phishing, or vishing.

Federal Agencies Have Sounded the Alarm

Both the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency have called attention to this variety of phishing. By calling a targeted victim, rather than sending an email or another kind of correspondence, an attacker can potentially pull the wool over their target’s eyes by using a less-expected attack strategy.

Those who are working from home are being targeted by a vishing campaign intended to acquire the access credentials needed to get into corporate networks. Once these credentials are obtained, the cybercriminals responsible can turn around and sell this access to others for their nefarious use.

How These Attacks Are Presenting Themselves

By registering lookalike domains to pose as a company’s actual resources, cybercriminals set themselves up to steal company credentials. These domains can be extremely convincing, often structured in the following ways:

  • support-[company]
  • ticket [company]
  • employee-[company]
  • [company]-support

As these pages replicate a company’s login page to their virtual private network, unwitting users are more likely to enter their credentials. This means that the attacker is then able to capture these credentials—including multi-factor authentication codes—and use them to gain access to the targeted business’ network.

Once these facsimile pages are completed, criminals then do some digging into a company to learn more about their employees. A profile is constructed, with the name, address, phone number, job title, and even length of employment for each employee included. Using this data, a hacker can call their target through a spoofed number and send them to their fraudulent VPN webpage.

This gives the hacker the means to access an employee’s work account, enabling them to collect more data for further phishing efforts or other data theft efforts. These attacks are now being directed to the team members that are currently working from home, making it even more important for your employees to be able to recognize the signs of phishing.

How to Identify Phishing Scams of All Kinds

  • Exercise caution when dealing with unsolicited calls, voicemails, and any other messages from those you don’t know. If you can, double-check that the person is who they claim to be through another means of communication.
  • Double-check the number of a suspected vishing caller, as well as any Internet domains you may be told to navigate to.
  • Avoid visiting any websites that a caller recommends without good reason to trust their legitimacy.

JensenIT is here to help you with an assortment of your business’ IT needs and concerns, including your cybersecurity. Give us a call at (847) 803-0044 to learn about the services and solutions we can put in place on your behalf.

What Would Happen if All Data Was Publically Avail...
Tip of the Week: When Do I Need to Clean My Comput...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Monday, September 21, 2020

Captcha Image

Customer Login

Latest Blog

While it may sound strange coming from a managed service provider, there is some wisdom to the adage, “if it ain’t broke, don’t fix it.” We know, we know… it sounds a little hypocritical for us to say something like this, when we spend so much time touting the values of proactive maintenance and similar strategies. However, this now-cliché statement certainly holds water, as exemplified by many modern technologies—including the Boeing 747.

Contact Us

Learn more about what JensenIT can do for your business.

JensenIT
1689 Elk Blvd
Des Plaines, Illinois 60016

Sign up for our Newsletter!

Hey! Before you go, subscribe to our newsletter for IT tech tips and advice!