Open Forum

 View Only
  • 1.  Security BUZZ - Remote Support Scams

    Posted 05-19-2023 08:43

    Research confirms that 71% of cyberattacks in 2022 didn't involve malware. Adversaries spend more time studying the company and social engineering. Let's walk through one of many cases outlined by the researchers. 
    First, the attacker initiates an in-depth intelligence-gathering effort. The threat actor spent more than an hour on the phone with the victim company's help desk, trying to get any insights that could fuel the next phase of social engineering. Once they had a specific user in their sights, the attacker initiated a voice call informing the user their credentials had been compromised. Victims are then sent a malicious link and prompted to enter not just their login details but also their multifactor authentication (MFA) data. The adversary is off and running once the user is tricked into handing those over.
    In the next step, the hacker sets up a Remote Access Sofware (AnyDesk is one of the popular) that they remotely control. Once inside corporate walls, attackers set up and hide the tool, many of which end users and IT use daily for legitimate reasons. 
    This setup allows hackers to monitor the activities and exfiltrate the data.



    ------------------------------
    Genady Vishnevetsky
    Chief Info Security Officer
    Stewart Title Guaranty Company
    Houston TX
    ------------------------------
    ALTA Marketplace


  • 2.  RE: Security BUZZ - Remote Support Scams

    Posted 05-22-2023 12:39

    WOW. Thank you for sharing!!



    ------------------------------
    Sabrina Bier
    Director of Digital Media and Education
    Proper Title
    Chicago IL
    7738756420
    ------------------------------

    ALTA Marketplace


  • 3.  RE: Security BUZZ - Remote Support Scams

    Posted 05-23-2023 09:45

    The criminals are working harder and using new tools, including AI, to target people. There is money to be made and it's the business they have chosen. There was a great story on CBS 60 Minutes Sunday night which focused on scams directed at older people but the stories and lessons apply to people of all ages. The story also shows how technology can be used to spoof the voice of a specific person.

    Video (appx 15 minutes): Watch 60 Minutes: Cyber scammers stealing from grandparents - Full show on CBS

    Cbs remove preview
    Watch 60 Minutes: Cyber scammers stealing from grandparents - Full show on CBS
    Losses from digital theft have doubled over the past two years, according to the FBI. Sharyn Alfonsi shows how cyber scammers are using AI, apps and social engineering to target seniors.
    View this on Cbs >

     



    ------------------------------
    Kelly Romeo | SVP & CIO | ALTA
    202-261-2948 | [email protected]
    ------------------------------

    ALTA Marketplace