The criminals are working harder and using new tools, including AI, to target people. There is money to be made and it's the business they have chosen. There was a great story on CBS 60 Minutes Sunday night which focused on scams directed at older people but the stories and lessons apply to people of all ages. The story also shows how technology can be used to spoof the voice of a specific person.
Video (appx 15 minutes): Watch 60 Minutes: Cyber scammers stealing from grandparents - Full show on CBS
| Cbs |
remove preview |
|
| Watch 60 Minutes: Cyber scammers stealing from grandparents - Full show on CBS |
| Losses from digital theft have doubled over the past two years, according to the FBI. Sharyn Alfonsi shows how cyber scammers are using AI, apps and social engineering to target seniors. |
| View this on Cbs > |
|
|
------------------------------
Kelly Romeo | SVP & CIO | ALTA
202-261-2948 |
kelly@alta.org------------------------------
Original Message:
Sent: 05-22-2023 12:39
From: Sabrina Bier
Subject: Security BUZZ - Remote Support Scams
WOW. Thank you for sharing!!
------------------------------
Sabrina Bier
Director of Digital Media and Education
Proper Title
Chicago IL
7738756420
Original Message:
Sent: 05-19-2023 08:43
From: Genady Vishnevetsky
Subject: Security BUZZ - Remote Support Scams
Research confirms that 71% of cyberattacks in 2022 didn't involve malware. Adversaries spend more time studying the company and social engineering. Let's walk through one of many cases outlined by the researchers.
First, the attacker initiates an in-depth intelligence-gathering effort. The threat actor spent more than an hour on the phone with the victim company's help desk, trying to get any insights that could fuel the next phase of social engineering. Once they had a specific user in their sights, the attacker initiated a voice call informing the user their credentials had been compromised. Victims are then sent a malicious link and prompted to enter not just their login details but also their multifactor authentication (MFA) data. The adversary is off and running once the user is tricked into handing those over.
In the next step, the hacker sets up a Remote Access Sofware (AnyDesk is one of the popular) that they remotely control. Once inside corporate walls, attackers set up and hide the tool, many of which end users and IT use daily for legitimate reasons.
This setup allows hackers to monitor the activities and exfiltrate the data.
------------------------------
Genady Vishnevetsky
Chief Info Security Officer
Stewart Title Guaranty Company
Houston TX
------------------------------