A lot of organizations are compelled to modify working strategies due to the COVID-19 crisis. A big number of workers now do their jobs from home. In the healthcare industry, employees can work from home and deliver telehealth services to their patients. Though this approach is necessary for virus control and to make certain that patients still receive the medical services they need to have, remote work has cybersecurity challenges and cybercriminals are exploiting the situation. There’s been a considerable increase in cyberattacks aimed at remote employees during the last three months.
Different strategies are being utilized to mislead remote workers into downloading malware or giving away credentials, which include a new method that cybersecurity company IRONSCALES has fairly recently uncovered.
In the latest report, IRONSCALES explained that hackers are spoofing messages generated on auto-pilot by Private Branch Exchange (PBX) systems to swipe information. PBX is an old phone system that lots of businesses employ to automate answering calls. One of the capabilities of these systems is the creation of voicemail messages and transmitting recordings straight to the inboxes of end-users. These systems were greatly valuable throughout the COVID-19 crisis, as they make certain that workers don’t miss very important voicemail communications while doing their work remotely. However, threat actors also have one more way to carry out an attack.
In this method, the cybercriminals spoof communications from the PBX system and notify a worker that there’s a new voicemail. The emails are individualized and contain the user’s name or business name to make it seem that the voicemails are real. Subject lines in the messages are likewise mindfully created to spoof the communications transmitted by the legitimate PBX systems.
To listen to the voicemail, users are sent to a webpage that spoofs PBX integrations with the objective of stealing information. It might look unusual for attackers to set up phishing websites for spoofing PBX integrations since many voicemails are pretty harmless in the details sent. Nevertheless, attackers are aware that the information can be utilized for many other logins, which include websites having invaluable PII or business details. Additionally, any sensitive data that is kept in the voicemail may likely be employed for a social engineering attack.
IRONSCALES knew about this voice phishing (vishing) plan in the middle of-May. As per the report, the vishing plan is being carried out worldwide and around 100,000 mailboxes were targeted. In case your firm transmits voicemails on auto-pilot to employees’ inboxes, then your firm is in danger of becoming victim to this fraudulence.
IRONSCALES advises elevating awareness of this trick with remote employees and taking on an email security system effective at knowing and blocking email security problems like this, which thus far were helpful at skipping DMARC anti-spoofing procedures.