FBI Issues Warning Following Spike in Vishing Attacks
Many data breaches start with a phishing email, but credential phishing can also occur via other communication channels such as instant messaging platforms or SMS messages. One often overlooked way for credentials to be obtained is phishing over the telephone. These phishing attacks, termed vishing, can give attackers the credentials they need to gain access to email accounts and cloud services and escalate privileges.
Recently, the Federal Bureau of Investigation (FBI) issued an alert after a spike in vishing incidents to steal credentials to corporate accounts, including credentials for network access and privilege escalation. The change to remote working in 2020 due to COVID-19 has made it harder for IT teams to monitor access to their networks and privilege escalation, which could allow these attacks to go undetected.
The FBI warned that...