Tag: vishing

Received a weird text from your boss? You’re not alone, text scams are rising in popularity
You’re sitting at your desk when you receive a text on your phone, it’s allegedly from the CEO of your company. He may say this is his new number (or his personal number) and he’s reaching out to you by name, adding to the legitimacy of the text. If you respond, he’ll say he’s in an important meeting and he needs you to use your company card to buy gift cards as a gift for the attendants of the meeting.

If you do so, and he’ll be keeping in constant communication with you in spite of being in an “Important meeting”, he’ll say he doesn’t need the physical cards just the codes which you can find if you scratch off the back. He may thank you for being a team playing after providing the codes or stop responding altogether because unbeknownst to you, the scam has been successfully completed.

Why gift cards? Gift cards are untraceable and usually not refundable when purchased. The scammer will quickly move the funds off the gift card leaving you with the empty plastic remnants and no recourse. Other variations on this scam may request Cryptocurrency instead (such as a message sent pretending to be one of your friends or a family member) but scammers know this would throw up too many red flags in a workplace setting.

The request even that unusual, if you’re an executive assistant for instance you probably regularly make purchases at the request of your employer. Scammers may target the whole company if they’re unsure who the influencers to the decision maker are or they may target specific individuals.

How are they getting the information to make their requests see more legitimate? They find it in the following ways.
1. Your Company Website: Often times your website will have information about your key players on it, including contact information. While we don’t recommend excluding this information to prevent being a target (as it’s valuable to those you want to legitimately do business with) it’s a good idea to remember that it’s out there when you’re getting strange communications via text or email that may call you out by name.
2. Social Media: This may be your company social media pages or even your personal accounts. We recommend making your personal accounts private and not oversharing on social media in general.
3. Search Engines: Nothing beats a good old fashioned Google search, and the information that’s available about you online may shock you. Phone numbers, relatives names, addresses etc. can all be found online. While there’s no real way to prevent this, you can somewhat keep track of what’s been made available by creating Google Alerts for your name, email address, etc.
While text scams may never rise to the prevalence of BEC (Business Email Compromise) attacks – which are being sent out at the rate of 10 per 1000 inboxes per day – it still showcases the way scammers will strategically target you and your business.

If you are looking to beef up your cyber security protocols in 2024, including providing your employees training to prevent attacks like this one, Valley Techlogic can help.

Security training is included as part of your monthly plan with us, as well as 24/7 monitoring, data recovery and remediation, backup solutions and more. Get started with us today.

Looking for more to read? We suggest these other articles from our site.
This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.
March 15, 2024
In 2023 some of the biggest cyber-attacks were orchestrated with “low tech” methods
Whether you’re “tech aware” or not, most of us know that the human element is one of the riskiest elements of our business when it comes to our data being compromised.

2023 proved that in spades with many of the largest attacks of the year being orchestrated with “low tech” methods – whether that be social engineering as we saw with MGM or literally low tech as with the attack on Rockstar that was conducted with a cellphone, TV and an Amazon Firestick.

Attacks such as the one on MGM are conducted with social engineering and the attacker doesn’t need to possess any particularly strong tech skills to pull an attack of that nature off. These attacks are usually accomplished through persistence – the attacker sometimes researches their target and reaches out to decision makers or those close to decision makers to try and gain access through Vishing, Phishing, and other methods (see our chart below for examples).

They may also “bruteforce” their way in though not in the typical way you might think, compromised credentials are often found very cheaply on the web and many people use the same password for everything. The bad actor will again look for specific targets and then try to purchase credentials that will match their target.

A common social engineering attack is orchestrated as follows:
1. The attacker will research their target. This includes trying to figure out who is a decision maker or close to a decision maker. They may also look for details about you found on social media (such as family and friends names they can use to make their attack appear more legitimate).
2. The attacker will reach out to the victim using what they have learned or try any credentials they’ve managed to find. They may pose as someone you trust and can even spoof that person’s email.
3. They will use their access to infiltrate your systems or use your account to continue pursuing their target. They may not immediately make themselves known – many attacks are orchestrated over months or years to produce a bigger payout.
4. Once they have successfully infiltrated your systems the attack may proceed in a variety of ways, whether that be trying to ransom back your compromised data or systems, threatening to release stolen data online if they don’t receive a payout, posing as you to your clients to expand their reach and more.
5. The attack only ends when you can successfully remediate/remove their access.
This attack is the end game for many attackers but not all attacks have this level of energy put towards them, phone scams and simple email phishing scams can look to steal your credit card or banking info for a quick payout and these sorts of attacks are conducted en masse often by attackers located overseas. Scams like these are still a variety of social engineering and quite effective – and again any data they manage to get in the process can also be sold on the dark web allowing these attackers to “double dip” on the profits they receive from their nefarious efforts.

As we mentioned above many attackers are not conducted on a quick timeline, attackers know they can receive a bigger payout the more enmeshed they are in with the victim’s systems and data. Your system could be compromised right now, and you may not even know it.

Data loss remediation and protection is just two of the cyber security offerings Valley Techlogic provides to help us protect our clients from social engineering and other cyber based attacks. Reach out today to learn more.

Looking for more to read? We suggest these other articles from our site.
This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.
December 29, 2023
In the aftermath of the MGM cyberattack, five class action lawsuits have already been filed
MGM Resorts are a staple on the Las Vegas strip, operating more than two dozen hotels and casinos around the world with nine of them being found in Las Vegas itself. You may have heard of the Bellagio, Mandalay Bay, and the Luxor? These are all MGM properties that host millions of visitors each year.

Now some of those same visitors are wondering if the chain gambled with their private data. It was reported on September 11^th that MGM was facing some kind of “cybersecurity issue” that trickled down to their facilities, with customers facing problems using the digital keys to their hotel rooms to slot machines not functioning as intended.

Guests were left spending hours waiting to check in as the hotels shifted away from digital entry back to manual keys to get guests into the rooms they’d already paid for. It reportedly took 10 days for things to resume normal operations with some problems still occurring here or there.

It’s now being reported that the cause of this hack was a persuasive phone call made by one of the members of a hacker group called “Scattered Spider” which has since claimed ownership of this attack. In a strange turn of events this group does not prioritize technology-based attacks such as malware or phishing but instead mostly engages in “Vishing”.

“Vishing” or voice phishing is when someone calls you pretending to be someone else, they usually are purporting to be from a company you might do business with financially – such as your credit card company or banking institution.

With number spoofing this type of attack can be very effective, and as the MGM attack shows even a massive organization is not necessarily immune from an attack if the bad actors is using the right attack vector for the job. That’s why it’s important to have several safeguards in place when it comes to protecting your systems and data.

It’s alleged that a member of the Scattered Spider group found an MGM employee’s information on LinkedIn and was able to convince a member of their help desk to give them all the access they needed to perform the attack. Someone close to the group has said the original plan was to hack their slot machines but when that plan failed, they moved to plan B which was holding MGM’s data hostage for a payment in Crypto.

Even though they’re now back to normal operations, MGM is not out of the woods yet. Five class action lawsuits have been filed with customers claiming the chain risked their personal identifiable information (PII) by falling for this attack. Two were filed against MGM directly, and three against their partner company Caesars Entertainment. We have talked about the legal ramifications. of cyber attacks before and it’s something companies should definitely be aware of, the insult of being hacked may not end just with the loss of data or systems being damaged – there may be legal consequences as well.

Over 90% of successful attacks have a human element to them, with this most recent attack on MGM included in that figure. Cyber security training can go a long way in preventing cyber threats to your business, but vishing may still catch you or your employees off guard. You may be wondering how someone on the phone could possibly be so convincing that you give them access to your systems or financial accounts. We made a chart on the top 8 steps you need to take to guard against a vishing(voice phishing or)’ smishing (text message phishing) attack on your business.

Of course, as we mentioned the best defense against cyber attacks in general is a layered approach, that way if one wall is breached an attacker would still have to get through several more to do any damage to your business. That’s where a partnership with Valley Techlogic comes in – we take a layered approach to protecting your backups, protecting your systems, and protecting you and your employees from bad actors. Learn more today through a consultation.

Looking for more to read? We suggest these other articles from our site.
This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.
September 29, 2023