FBI Warns of Increase in Vishing Attacks

FBI Warns of Increase in Vishing Attacks

Fraud Management & Cybercrime , Social Engineering

Hackers Attempt to Collect VPN Credentials Akshaya Asokan (asokan_akshaya) • January 19, 2021    

The FBI is warning that hackers are increasingly using voice phishing, or vishing, to target remote workers as a way of harvesting VPN and other credentials to gain initial access to corporate networks.

See Also: OnDemand | 2021 Pharmaceutical Threat Outlook

Over the last year, the FBI says, hackers have targeted employees at U.S. and international corporations that use VoIP services through vishing techniques and other types of social engineering attacks.

"After gaining access to the network, many cybercriminals found they had greater network access, including the ability to escalate privileges of the compromised employees' accounts, thus allowing them to gain further access into the network often causing significant financial damage," the FBI notes in an alert.

In another warning issued in August 2020, the FBI and the U.S. Cybersecurity and Infrastructure Security Agency warned that hackers were using vishing techniques to target remote and at-home employees (see: Alert: Vishing Attacks Are Surging).

Examples of Techniques

The latest FBI alert describes several incidents where hackers successful used social engineering techniques to target employees.

In one case, hackers targeted U.S. and international employees of an organization and used vishing techniques to collect VPN credentials.

"D ..