Security News > 2023 > March > Does Your Help Desk Know Who's Calling?

Does Your Help Desk Know Who's Calling?
2023-03-09 12:25

The attacker will try to convince the user to download remote access software under the pretext of corporate IT help desk representatives.

Attackers impersonating the help desk is clearly working: in July 2020, Twitter experienced a major security breach when hackers used a vishing scam to successfully access dozens of high-profile accounts, including those of Barack Obama, Joe Biden, Jeff Bezos, and Elon Musk.

Social engineering attacks are carefully fabricated with collected data and can be used to impersonate an end-user on a call to the help desk.

One effective way to safeguard against these types of attacks is to implement a secure service desk solution, which allows for the verification of user accounts with existing data beyond just knowledge-based authentication.

With a Secure Service Desk, you can remove the opportunity for user impersonation by requiring verification with something the user has and not just relying on something the user - or an attacker - may know.

By instilling a comprehensive and effective way to verify user identity, enforce user authentication, and reset or unlock user accounts, would-be victims can rest assured that they'll always know who's really calling.


News URL

https://thehackernews.com/2023/03/does-your-help-desk-know-whos-calling.html