Criminals coax employees into handing over their access credentials and use the login data to burrow deep into corporate networks
The United States’ Federal Bureau of Investigation (FBI) has issued a warning about campaigns where threat actors target employees worldwide with voice phishing (also known as vishing) attacks in order to steal their network credentials and elevate user privileges.
The warning can in part be attributed to the fact that the COVID-19 pandemic has forced many companies to shift to telework, which may not allow for comprehensive monitoring of network access points and privilege escalation.
The Bureau highlighted a campaign that goes back to December 2019 and involved attackers targeting employees at large businesses in the US and elsewhere through Voice over IP (VoIP) platforms as well as a company chatroom in order to coax credentials into corporate networks.
“During the phone calls, employees were tricked into logging into a phishing webpage in order to capture the employee’s username and password,” reads the FBI’s description of one attack vector, which often involves spoofed caller ID numbers that conceal the criminal’s location and identity.
Before long, the threat actors found that they could burrow deeper into the networks than they’d initially believed and that they even had the ability to elevate permissions on the compromised accounts.
In these scenarios, attackers can wreak all manner of havoc on a company’s systems such as implanting malware, sifting through the company’s data to search for proprietary dat ..