FBI Warns of Employee Credential Phishing via Phone, Chat
Security News, January 2021
The Federal Bureau of Investigation has issued a Private Industry Notification warning of attacks on enterprises in which threat actors try to obtain employee credentials through vishing (voice phishing over the phone) or through company chat rooms.
The FBI describes an observed shift in tactics: attackers now target the credentials of all employees, not only those of individuals whose corporate role gives them elevated access and privileges.
In one attack, the agency says, the cybercriminals found an employee through the company's chat room and convinced them to log into a fake VPN page, which captured their credentials.
The attackers also located an employee who could make username and email changes and used a chat room messaging service to phish for that employee's credentials.
"The Hackers used personal information about the employees to convince them that the Hackers were legitimate and could be trusted. While some employees reported the calls to Twitter's internal fraud monitoring team, at least one employee believed the Hackers' lies," the New York Department of Financial Services said in its report on the July 2020 Twitter account takeover incident.
To mitigate such attacks, the FBI advises organizations to implement multi-factor authentication for employee accounts, adopt the principle of least privilege, actively monitor the environment for unauthorized access or modifications, employ network segmentation, and give administrators two accounts: a standard one for email and day-to-day work, and a separate privileged one used only for making changes to systems.
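The "actively monitor for unauthorized access or modifications" advice is the one item in that list a detection team has to turn into concrete logic. The following Python script is an added example, not code from the FBI notice or from any affected company, of what that logic could look like for the attack pattern described above: a VPN login that arrives without MFA or from an IP the user has never used before, followed shortly by a sensitive identity change (username or email) made from the same source. The log schema, field names, IP baseline and sample events are all constructed assumptions for illustration.

```python
"""Toy detector for the phishing-then-VPN-then-admin-change pattern.

All field names, the known-IP baseline and the sample events below are
constructed for this example; they are not from the FBI notice.
"""
import json
from datetime import datetime, timedelta

# Constructed sample events, one JSON object per line (assumed schema).
SAMPLE_LOG = """\
{"ts": "2021-01-14T09:02:11Z", "source": "vpn", "user": "alice", "src_ip": "203.0.113.5", "mfa": true, "result": "success"}
{"ts": "2021-01-14T09:05:40Z", "source": "vpn", "user": "bob", "src_ip": "198.51.100.7", "mfa": true, "result": "success"}
{"ts": "2021-01-14T13:21:03Z", "source": "vpn", "user": "alice", "src_ip": "192.0.2.44", "mfa": false, "result": "success"}
{"ts": "2021-01-14T13:29:50Z", "source": "admin_audit", "user": "alice", "src_ip": "192.0.2.44", "action": "change_email", "target": "bob"}
{"ts": "2021-01-14T15:00:00Z", "source": "admin_audit", "user": "bob", "src_ip": "198.51.100.7", "action": "change_username", "target": "carol"}
"""

# Constructed baseline of source IPs each user has authenticated from before.
KNOWN_IPS = {"alice": {"203.0.113.5"}, "bob": {"198.51.100.7"}}

# Identity-admin actions worth correlating with a suspicious login.
SENSITIVE_ACTIONS = {"change_email", "change_username", "reset_password"}


def parse_events(text):
    """Parse one JSON event per line and return them sorted by timestamp."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        ev = json.loads(line)
        ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(ev)
    return sorted(events, key=lambda e: e["ts"])


def detect(events, known_ips, window=timedelta(hours=1)):
    """Return a list of alert dicts for suspicious logins and follow-on changes.

    Rule 1: successful VPN login without MFA.
    Rule 2: successful VPN login from an IP not in the user's baseline.
    Rule 3: sensitive admin action by a user, from the same IP as one of their
            flagged logins, within `window` of that login.
    """
    alerts = []
    suspicious = {}  # user -> list of (login_ts, src_ip) for flagged logins
    for ev in events:
        user, ip = ev["user"], ev["src_ip"]
        if ev["source"] == "vpn" and ev.get("result") == "success":
            reasons = []
            if not ev.get("mfa"):
                reasons.append("no_mfa")
            if ip not in known_ips.get(user, set()):
                reasons.append("new_ip")
            for reason in reasons:
                alerts.append({"rule": f"vpn_login_{reason}", "user": user,
                               "src_ip": ip, "ts": ev["ts"]})
            if reasons:
                suspicious.setdefault(user, []).append((ev["ts"], ip))
        elif ev["source"] == "admin_audit" and ev.get("action") in SENSITIVE_ACTIONS:
            for login_ts, login_ip in suspicious.get(user, []):
                if login_ip == ip and timedelta(0) <= ev["ts"] - login_ts <= window:
                    alerts.append({"rule": "sensitive_change_after_suspicious_login",
                                   "user": user, "src_ip": ip, "ts": ev["ts"],
                                   "action": ev["action"], "target": ev.get("target")})
                    break  # one correlation alert per admin event is enough
    return alerts


def run_sample():
    """Run the detector over the constructed sample log."""
    return detect(parse_events(SAMPLE_LOG), KNOWN_IPS)


if __name__ == "__main__":
    for alert in run_sample():
        print(alert["ts"].isoformat(), alert["rule"], alert["user"], alert["src_ip"])
```

On the sample data this raises three alerts, all for alice: her afternoon login has no MFA and comes from a new IP, and her email change eight minutes later from that same IP trips the correlation rule. Bob's username change from his usual IP after an MFA login raises nothing, which is the point of tying rule 3 to a flagged login rather than alerting on every sensitive change. In a real deployment the baseline would come from historical authentication data rather than a hard-coded dict, and the MFA check would be redundant once MFA is enforced, which is exactly the first mitigation the FBI lists.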