FBI and CISA recent alert about new vishing campaigns

The FBI and Cybersecurity and Infrastructure Security Agency (CISA) recently issued an advisory in response to a voice phishing (vishing) campaign. Cybersecurity expert Brian Krebs, who reports on his website, Krebs on Security, analyzed the threat to industries being exploited by cybercriminals.

With numerous employees working remotely due to the coronavirus pandemic, those criminals are finding ways to circumvent security protocols and to monetize the breaches.

“The COVID-19 pandemic has resulted in a mass shift to working from home, resulting in increased use of corporate virtual private networks (VPNs) and elimination of in-person verification,” the alert reads. “In mid-July 2020, cybercriminals started a vishing campaign—gaining access to employee tools at multiple companies with indiscriminate targeting — with the end goal of monetizing the access.”

In his story, Krebs says: “The agencies said the phishing sites set up by the attackers tend to include hyphens, the target company’s name, and certain words — such as ‘support,’ ‘ticket’ and ’employee.’ The perpetrators focus on social engineering new hires at the targeted company, and impersonate staff at the target company’s IT helpdesk.”

Read the full story at Krebs on Security.

Written by
View all articles

About Us

The League of Southeastern Credit Unions & Affiliates represents nearly 300 credit unions throughout Alabama, Florida, and Georgia. It has a combined total of almost $200 billion in assets and 12.4 million members. LSCU provides advocacy, compliance services, education and training, cooperative initiatives, and communications.

Social Channels

Follow us on all major social media platforms.