Contact us today!

FRS Pros Blog

New Cyberattack Targeting Remote Workers

New Cyberattack Targeting Remote Workers

Since the onset of the coronavirus, many businesses have managed to sustain themselves through remote work—also commonly known as telework. While this strategy has allowed quite a few businesses to survive, it has also opened them up to security threats. Here, let’s focus on one such threat: vishing, or voice phishing.

Warnings from Federal Agencies

The issue of voice phishing is currently being pressed by the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency alike. Vishing is the same as any other phishing attack, just conducted through a voice call instead of an email or other form of message.

These agencies have announced that cybercriminals have begun a vishing campaign, directed toward those that are working from home. By extracting login credentials for corporate networks, these criminals can turn a profit by selling access to other cybercriminals.

The Vishing Strategy

According to the FBI and CISA, cybercrime groups have registered facsimile domains to mimic legitimate company resources before developing phishing sites to live on these fake domains. These domains commonly had a structure like the following:

  • support-[company]
  • ticket [company]
  • employee-[company]
  • [company]-support

If someone were to visit these pages, they would find a page that looked very much like a company’s login page to their virtual private network—so as a result, if someone were to input their credentials, the cybercriminal would then have the means to access the business’ network. These pages can even capture multi-factor authentication measures.

Once these pages are completed, the criminal groups responsible then begin to research a company’s employees to build a profile on them. Names, addresses, phone numbers, workplace titles, and how even how long an employee has even been employed at a company are all included in these dossiers. Then, using random or spoofed VoIP numbers, hackers call these employees and swiftly gain their trust.

Once this trust is acquired, the attacker directs the targeted employee to the spoofed VPN page. Quicker than you can say “social engineering”, the hacker can then access the legitimate account. From there, the attacker is free to do as they please—collecting data on other employees and contacts to take advantage of or extracting other data for financial gain.

With attackers now directing these vishing scams toward remote workers, it is more important than ever that your team understands how they can identify phishing scams

Identifying Scams

  • Be suspicious of unsolicited messages—including calls and voicemails—from those you don’t know. If possible, verify their identity through another means to ensure that they are legitimate.
  • Keep track of the number that any suspected vishing messages come from, as well as the Internet domain you were directed to.
  • Don’t visit a website on a whim after a caller directs you to it, unless you have reason to believe it is legitimate.

For more assistance with your business’ security, reach out to the IT pros at FRS Pros. Give us a call at 561-795-2000 to start a conversation.

Tip of the Week: Getting a Better Wi-Fi Signal at ...
Will We Soon Leave Passwords Behind?

By accepting you will be accessing a service provided by a third-party external to

Mobile? Grab this Article!


Tag Cloud

Tip of the Week Security Technology Best Practices Productivity Business Computing Network Security Privacy Hackers Internet User Tips Cloud Google Software Microsoft Efficiency Innovation Hardware Data Email Hosted Solutions Business Management Communication Computer Windows 10 Smartphones Tech Term Malware Cybersecurity Business IT Support Android Mobile Devices Small Business Workplace Tips IT Services Data Backup Browser Disaster Recovery Smartphone Backup Upgrade Collaboration VoIP Office 365 Outsourced IT Data Recovery Users Gadgets Phishing Internet of Things Information Windows Communications Apps Cloud Computing Data Security Network Miscellaneous Ransomware Cybercrime Business Continuity Operating System Passwords Covid-19 Automation Managed IT Services Saving Money Microsoft Office Social Media Facebook Managed Service Quick Tips Wireless Mobile Device Management Money Vulnerability Artificial Intelligence Alert Server OneNote Law Enforcement Blockchain Two-factor Authentication Health Employer-Employee Relationship Conferencing Virtualization Managed IT Services Information Technology Mobile Device Holiday Best Practice Managed IT Mobile Office Applications IT Support Chrome Spam Networking Computers Windows 7 Word Data Storage WiFi Patch Management Project Management Telephone Systems Data Breach Bandwidth Tech Support Managed Service Provider Access Control Printing Password Wi-Fi Router BYOD Bring Your Own Device Unsupported Software Augmented Reality Google Drive Settings Hacking App Gmail Windows 10 Retail Save Money SaaS Proactive IT Data Loss Going Green Social Government Business Technology Touchscreen Application Budget Wireless Charging Encryption Wireless Technology Google Docs Software as a Service Robot Safety Hard Drive Display Data Management Devices Battery Human Resources The Internet of Things Audit Productivity VPN iPhone Data Protection Sports Risk Management Payment Cards Meetings Travel Paperless Office Telephony Excel Management File Sharing History IT Management Apple Fraud Cost Management Update Mobile Security Marketing Vendor Commerce HIPAA Evernote Shortcut WannaCry Remote Politics Hosted Solution Search Google Assistant User Error Avoiding Downtime Mobility BDR Hybrid Cloud Voice over Internet Protocol Remote Workers Cortana Remote Monitoring Smart Devices DDoS Charger Value Wasting Time Benchmarks Policy Files Ciminal Samsung Medical IT Data Theft Data Privacy IT solutions Micrsosoft Audits Disaster Device Security Touchpad Amazon Downtime Holidays Recovery Investment Net Neutrality Adobe Workers Gamification Keyboard Shortcuts Managed IT Service Remote Working Legislation Language Legal Sabotage Troubleshooting Accessory iOS WIndows Server 2008 Myths Procedure Antivirus 5G Administrator Gifts Computing Windows 10s HBO Business Intelligence Solutions Windows Ink Humor Virtual Assistant E-Commerce Copiers Testing Screen Mirroring ROI Internet Service Provider Lithium-ion battery Licensing Updates Memory Computer Care Nanotechnology Managed Services Provider Streaming Media Comparison Unified Threat Management PC CRM Outlook Instant Messaging Hacker Computer Forensics Peripheral Threats Video Conferencing Microsoft Excel IT budget Personal Information YouTube Access Credit Cards App store Emergency Chromebook Co-Managed Services Solid State Drive Digital Signage Printer Google Maps Spyware Alexa for Business Inventory Reputation Camera Emails Cast Windows Server 2008 R2 Microsoft Word Point of Sale Financial Payroll Root Cause Analysis Facebook Privacy Chromecast Specifications Virus Upgrades AI Data storage Keyboard Computer Fan Scams Organization Entertainment Employees Internet Exlporer Remote Computing Telephone Hard Disk Drive Firewall PCI DSS Identity Theft Employee Projects Workstation Tablets Maintenance Office Security Cameras eCommerce Sales Proactive OneDrive Smartwatch Uninterrupted Power Supply Sync PowerPoint Admin Virtual Private Network Storage Social Engineering Hosted Desktop FAQ Hyperlink IT Solutions Processor Regulations Compliance Edge Vendor Management Compliance Break/Fix Websites Transportation Identity Printers Webinar Development Telework NFL eWaste Laptop Scam Machine Learning Fiber Optics Employee-Employer Relationship Consultant Server Maintenance Remote Work Education Wireless Internet Saving Time Training Innovations Identities Private Cloud Virtual Reality Work/Life Balance Regulation Current Events Electronic Medical Records Crowdsourcing Employer Employee Relationship Television CrashOverride Phone System Benefits Company Culture Save Time End of Support Twitter HaaS Relocation Computer Accessories Flexibility Music Smart Technology Thank You Scalability Analytics PDF Congratulations es Mobile Computing Communitications Black Market Cleaning Big Data Automobile Text Messaging Managing Stress USB Worker Cache How To Books Office tips Hiring/Firing Advertising Monitors Video Games Experience