FBI Warns of Corporate Vishing Attacks>
Binary Defense – Garrett ThompsoN
The Federal Bureau of Investigation (FBI) has issued a notification warning of continued vishing attacks against cooperate accounts and network access credentials. Vishing (also known as voice phishing) is a social engineering technique where an attacker impersonates a trusted entity during a voice call to trick users into revealing sensitive information. According to the warning, attackers are using Voice-over-IP (VoIP) platforms to target company employees. With The work from home posture many companies have had to adopt due to COVID-19 restrictions, remote network access has grown by leaps and bounds. The attackers are attempting to trick lower-level employees, through a voice call, into giving then either their network credentials or their VPN credentials. In some cases, the maliciously acquired credentials allowed the attacker to escalate their new privileges within the network. This is the second warning that the FBI has released in less than a year concerning vishing, the first one was published in August of 2020 and warned of basically the same attacks.
Link: https://www.binarydefense.com/threat_watch/fbi-warns-of-corporate-vishing-attacks/