Law enforcement officials have discovered a rise in the number of "vishing" campaigns using video conferencing and calls to target businesses during the coronavirus pandemic. The emergence of the threat is particularly concerning given the number of employees that continue to work remotely, where network access may not be monitored as robustly as it would be in an office environment.
The FBI has issued a warning that cybercriminals are increasingly using a form of social engineering over the telephone to gain access to sensitive corporate data. With video calls replacing face-to-face interactions, it is easier than ever for attackers to impersonate legitimate members of a company’s IT team.
Often, victims are talked into accessing a phishing webpage where they unwittingly hand over their username and password. The attackers then use their illegally acquired credentials to access the corporate network and cause further damage.
- Check out our roundup of the best endpoint protection software
- Keep your devices virus-free with the best malware removal software
- We've also put together a list of the best identity theft protection services available
Vishing goes viral
Vishing attacks are not a new threat, however, and the FBI found evidence of cyber attackers using voice phishing methods before stay-at-home orders came into force.
“According to FBI case information, as of December 2019, cybercriminals collaborated to target both US-based and international-based employees at large companies using social engineering techniques,” a notification posted by the FBI Cyber Division read. “The cybercriminals vished these employees through the use of VoIP platforms.”
Vishing campaigns also often use software to allow attackers to pretend they are calling from within the victim’s company, usually from the IT department. Since the coronavirus pandemic spread across the globe, cyberattackers have wasted little time in exploiting the virus for new exploits. Aside from the FBI’s warning, recent research found that 2020 represented a record year for phishing, with Google detecting 2.11m phishing sites over the twelve-month period.
- We've also highlighted the best antivirus software
Via Silicon Angle