The Federal Bureau of Investigation (FBI) of the United States has issued a warning about campaigns in which threat actors target employees all over the world with voice phishing (also known as vishing) attacks to obtain their network credentials and escalate user privileges.
The warning is partly a consequence of the COVID-19 pandemic, which has driven many businesses to switch to telework, making thorough monitoring of network access points and privilege escalation difficult.
The Bureau cited a campaign that began in December 2019 in which attackers used Voice over IP (VoIP) platforms and a company chatroom to lure employees at large organizations in the United States and internationally into handing over credentials for corporate networks.
In one attack vector described by the FBI, attackers phoned employees, frequently using spoofed caller ID numbers that hide the criminal’s location and identity, and during the call fooled them into signing into a phishing webpage that collected the employee’s login and password.
Soon after, the threat actors discovered that they could penetrate the networks further than they had anticipated and even increase permissions on the compromised accounts.
In some instances, attackers can infect a company’s systems with malware, trawl through its data for proprietary information, or gain access to executive account credentials to commit Business Email Compromise (BEC) fraud. Any of this has the potential to be highly costly to a business.
In another example, cyber crooks approached an employee using the company’s chatroom and tricked him into signing onto a fake Virtual Private Network (VPN) website. They then used the stolen account credentials to access the company’s network, where they looked for an employee who could alter usernames and emails. The hackers discovered their target via a cloud-based payroll service and then used the chatroom method to phish the victim’s credentials.
The federal law enforcement agency also offered tips on how businesses can reduce the risk of such attacks. These include multi-factor authentication, active scanning and monitoring for unauthorized access, network segmentation, and frequent reviews of employees’ network access.
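The "active scanning and monitoring" recommendation can be made concrete as a small detection: the pattern described in this article is a login to the VPN with stolen credentials, followed shortly by a privilege change made from that same account. The script below is an added example written for this page, not code from the FBI or any product it mentions. The log format, the field names (`user`, `src`, `target`, `role`), the per-account baseline of known source addresses, the 30-minute window and the sample log lines are all constructed assumptions; a real deployment would feed it from the VPN concentrator's and directory's own audit logs.

```python
"""Flag a VPN login from an unfamiliar source address that is followed,
within a short window, by a privilege change performed by that account.
Added example for this article; format, fields and thresholds are assumed."""
from datetime import datetime, timedelta

# Constructed sample log lines (not real data). Assumed line format:
# <ISO timestamp> <event> user=<account> [src=<ip>] [target=<account>] [role=<role>]
SAMPLE_LOGS = """\
2020-12-01T08:02:11Z vpn_login user=alice src=203.0.113.10
2020-12-01T08:05:40Z vpn_login user=bob src=198.51.100.7
2020-12-01T09:15:02Z vpn_login user=alice src=192.0.2.55
2020-12-01T09:21:47Z priv_change user=alice target=alice role=domain_admin
2020-12-01T10:00:00Z vpn_login user=bob src=198.51.100.7
2020-12-01T10:30:00Z priv_change user=bob target=carol role=helpdesk
"""

# Assumed per-account baseline of source IPs seen in the past (constructed).
BASELINE_SOURCES = {
    "alice": {"203.0.113.10"},
    "bob": {"198.51.100.7"},
}

# Assumed tuning: how soon after an unfamiliar login a privilege change is suspicious.
ESCALATION_WINDOW = timedelta(minutes=30)


def parse_line(line):
    """Turn one log line into a dict; return None for blank or malformed lines."""
    parts = line.split()
    if len(parts) < 3:
        return None
    try:
        ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ")
    except ValueError:
        return None
    event = {"ts": ts, "event": parts[1]}
    for kv in parts[2:]:
        if "=" not in kv:
            return None
        key, value = kv.split("=", 1)
        event[key] = value
    return event


def parse_logs(text):
    """Parse every well-formed line of a log dump, skipping the rest."""
    return [e for e in (parse_line(line) for line in text.splitlines()) if e]


def find_suspicious_escalations(events, baseline, window=ESCALATION_WINDOW):
    """Return (user, src_ip, target, role) tuples for each privilege change
    made by an account whose most recent VPN login came from an address
    outside its baseline and happened no more than `window` earlier."""
    recent_unfamiliar = {}  # user -> (login time, source ip)
    alerts = []
    for e in sorted(events, key=lambda ev: ev["ts"]):
        if e["event"] == "vpn_login":
            user, src = e.get("user"), e.get("src")
            if user and src and src not in baseline.get(user, set()):
                recent_unfamiliar[user] = (e["ts"], src)
        elif e["event"] == "priv_change":
            actor = e.get("user")
            hit = recent_unfamiliar.get(actor)
            if hit and e["ts"] - hit[0] <= window:
                alerts.append((actor, hit[1], e.get("target"), e.get("role")))
    return alerts


if __name__ == "__main__":
    for alert in find_suspicious_escalations(parse_logs(SAMPLE_LOGS), BASELINE_SOURCES):
        print("ALERT: %s logged in from unfamiliar %s, then set %s to role %s" % alert)
```

On the constructed sample the check fires once, for the account whose second login comes from an address outside its baseline and who promotes itself a few minutes later; the second account's privilege change is ignored because its login came from a known address. The baseline and window are the two knobs to tune against real traffic, and the output is meant as a trigger for the access review the FBI recommends, not as proof of compromise on its own.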
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued a similar alert in August 2020, warning of a spike in vishing attacks aimed at various organizations’ employees. Threat actors employed identical techniques to gain account credentials in multiple assaults, including fake VPN sites.