Voice Phishers Targeting Corporate VPNs
One increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees.
Allen said a typical voice phishing or "vishing" attack by this group involves at least two perpetrators: one who is social engineering the target over the phone, and another co-conspirator who takes any credentials entered at the phishing page and quickly uses them to log in to the target company's VPN platform in real time.
With each passing attempt, the phishers can glean important details from employees about the target's operations, such as company-specific lingo used to describe its various online assets, or its corporate hierarchy.
"When people hear it's just teenagers involved, they tend to discount it. But the kinds of people responsible for these voice phishing attacks have now been doing this for several years. And unfortunately, they've gotten pretty advanced, and their operational security is much better now."
In July 2018, Google disclosed that it had not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical security keys in place of one-time codes.
News URL
https://krebsonsecurity.com/2020/08/voice-phishers-targeting-corporate-vpns/