Why Are Vishing Attacks on the Rise During the COVID-19 Pandemic?

The United States Federal Bureau of Investigation has made a formal statement, warning the public against the increase in vishing attacks. The warning was issued in mid-January 2021.

You may be already familiar with phishing and smishing - respectively, e-mail and sms-based attacks that seek to fool the victim into entering their credentials or disclosing personally identifiable information that is stolen by the actors behind the attack.

However, it seems like the infosec community cannot go a few months without making up another term for something that has existed for years.

Vishing is just another name for scams and frauds executed using phone calls. In those, much like in phishing and smishing attacks, the bad actors behind the attacks seek to gain personal information that will potentially allow them to access the victim's online accounts.

The FBI is warning that vishing attacks have become particularly focused on people working in positions that could allow the hackers to gain elevated access to the respective company's network.

The Bureau stated that this type of attack is becoming more and more common because of the new working conditions under global Covid-19 lockdown. With people working from home, the protocols and general observation of network access may be laxer, allowing bad actors easier access to company networks.

The FBI warning details an attack vector that is common for all phishing and related attacks. Using voice calls, company employees are tricked into opening fake login pages that then scrape any entered information such as login details and funnel that information directly to the hackers.

The stolen account information is later used to infiltrate company networks, elevate privileges of the compromised account and download and deploy further malware.

According to the FBI, the most common trick used to lure victims is the false pretense that the company is using a new VPN service. Victims are encouraged to log into the fake new VPN and have their information stolen.

The simplest thing to do in cases of vishing, according to the Bureau, is to first and foremost verify the identity of the person on the other end of the call and always double-check any website you are told to open.

By Zaib
January 20, 2021
Phishing
English
January 20, 2021
Phishing

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Computer Security

DDoS and Password Attacks Are Rising Rapidly During the COVID-19 Pandemic

Security researchers are looking back at 2020 and their findings are not particularly encouraging. Analysts from F5 Labs recently published a report on digital attacks and incidents that took place over the previous... Read more

November 10, 2020
News

RDP Password Attacks Are on the Rise During the COVID-19 Pandemic

During their scams, cybercriminals often try to trick victims into thinking that there's an emergency that needs to be addressed quickly. By doing this, the targets are much more likely to be in a hurry to act, and... Read more

July 6, 2020
Computer Security

COVID-19 Tracking App 'COVID Kaya' Leaks Data

A mobile app designed to serve as a Covid-19 case tracking platform, named 'COVID Kaya', was found to be insecure. The platform was used by doctors and healthcare workers to keep track of active Covid-19 cases in the... Read more

November 17, 2020
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.