{"id":712,"date":"2021-01-19T12:38:52","date_gmt":"2021-01-19T07:08:52","guid":{"rendered":"https:\/\/xiarch.com\/blog\/?p=712"},"modified":"2021-06-07T10:39:48","modified_gmt":"2021-06-07T05:09:48","slug":"fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information","status":"publish","type":"post","link":"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/","title":{"rendered":"FBI Warns about Vishing Attacks that keep Corporate Accounts Information!"},"content":{"rendered":"\n
The Federal Bureau of Investigation had issued a warning letter to control the ongoing vishing attacks that used to steal the information of corporate accounts and credentials for network access and take advantage of international and the United States based employees.<\/p><\/p>\n\n\n\n
The term Vishing is known as voice phishing, it is a type of social engineering attack in which the attackers imitate a trustworthy person through a voice call to conduct the attack. The actors will try to sneak out personal information such as login credentials and banking details.<\/p><\/p>\n\n\n\n
In this epidemic of COVID-19, many organizations will be going to adapt to updating technology and changing environments along with that they follow social distancing orders and having many restrictions by the government, due to this the network access is not completely monitored.<\/p><\/p>\n\n\n\n
Who is Affected?<\/strong><\/h2>\n\n\n\n
<\/figure><\/div>\n\n\n\n
According to the investigations, the actors who have targeted the employees by logging into the phishing web page and then sneak out their username and passwords.<\/p><\/p>\n\n\n\n
In several cases, the attackers gained access over the company network than the actors will try to gain greater network access than expected, which allows them to initiate the privileges with the help of compromised employees\u2019 accounts. This permits the hackers to gain access to the secured networks and sometimes they caused ultimate financial damage to an organization.<\/p><\/p>\n\n\n\n
According to the FBI, the cybercriminals found the employee details on the company\u2019s chatroom, and then convince the employee to log into the fake phishing page generated by cybercriminals. Once they get the credentials then they used them to log into the company\u2019s VPN and then find someone having a higher post.<\/p><\/p>\n\n\n\n
The attackers used chatroom service to contact and phished the employee, they were looking towards the employee who will update their username and email details through cloud payroll services.<\/p><\/p>\n\n\n\n
FBI Guidance<\/strong><\/h2>\n\n\n\n
<\/figure><\/div>\n\n\n\n
To help the organizations and employees the FBI shared some recommendations;<\/p>\n\n\n\n
When new employees are hired, revoke the complete access to them. Do proper monitoring of all the employees, this will reduce the risk and avoid weak sports created within the network.<\/li>
Administrators have to use two accounts for different purposes, one for the admin rights while updating the system changes and another for emailing and generating reports or deploying updates.<\/li>
Network segmentation will be used to break one large network into several smaller networks which assist the administrators to control the flow of the network.<\/li>
Use regular scanning and monitoring of unauthorized access or modifications that help you to detect possible compromise to reduce the risk of data.<\/li>
Apply MFA while accessing the employees\u2019 accounts to minimize initial compromise.<\/li><\/ul>\n\n\n\n
Remaining Up<\/strong><\/h3>\n\n\n\n
The FBI issued a second warning to alert the active vishing attacks campaign that targeted the employees since the pandemic starting and now increasing day by day.<\/p><\/p>\n\n\n\n
The Cybersecurity and Infrastructure Security Agency (CISA) and FBI issued a joint advisory or a warning notice in August 2020 for all the remote workers, while protecting them from ongoing vishing scams that target multiple US companies.<\/p><\/p>\n\n\n\n
In July 2020, the attackers started this vishing campaign having the aim to target and gained access to the employee tools and minimized the companies databases, and used employee personal information to conduct the attacks.<\/p><\/p>\n\n\n\n
While in August 2020, the attackers used different crafted sites that used to clone the targeted companies\u2019 using logging pages by internal VPN and enables the, to harvest 2FA or OTP. Along with that the attackers also gained control over cellphones and bypass 2FA and steal OTP with the help of SIM swapping.<\/p><\/p>\n","protected":false},"excerpt":{"rendered":"
The Federal Bureau of Investigation had issued a warning letter to control the ongoing vishing attacks that used to steal the information of corporate accounts and credentials for network access and take advantage of international and the United States based employees. The term Vishing is known as voice phishing, it is a type of social […]<\/p>\n","protected":false},"author":2,"featured_media":717,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3],"tags":[],"yoast_head":"\n
FBI Warns about Vishing Attacks that keep Corporate Accounts Information! - Xiarch Solutions Private Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"FBI Warns about Vishing Attacks that keep Corporate Accounts Information! - Xiarch Solutions Private Limited\" \/>\n<meta property=\"og:description\" content=\"The Federal Bureau of Investigation had issued a warning letter to control the ongoing vishing attacks that used to steal the information of corporate accounts and credentials for network access and take advantage of international and the United States based employees. The term Vishing is known as voice phishing, it is a type of social […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/\" \/>\n<meta property=\"og:site_name\" content=\"Xiarch Solutions Private Limited\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/xiarch\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-19T07:08:52+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-06-07T05:09:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/01\/FBI-Vishing-Attacks-Featured-Image.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2000\" \/>\n\t<meta property=\"og:image:height\" content=\"1200\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Xiarch Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@xiarch\" \/>\n<meta name=\"twitter:site\" content=\"@xiarch\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Xiarch Security\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/\"},\"author\":{\"name\":\"Xiarch Security\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\"},\"headline\":\"FBI Warns about Vishing Attacks that keep Corporate Accounts Information!\",\"datePublished\":\"2021-01-19T07:08:52+00:00\",\"dateModified\":\"2021-06-07T05:09:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/\"},\"wordCount\":595,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"articleSection\":[\"Consulting\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/\",\"url\":\"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/\",\"name\":\"FBI Warns about Vishing Attacks that keep Corporate Accounts Information! - Xiarch Solutions Private Limited\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#website\"},\"datePublished\":\"2021-01-19T07:08:52+00:00\",\"dateModified\":\"2021-06-07T05:09:48+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/xiarch.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"FBI Warns about Vishing Attacks that keep Corporate Accounts Information!\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/xiarch.com\/blog\/#website\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"name\":\"Xiarch Solutions Private Limited\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/xiarch.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\",\"name\":\"Xiarch\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"contentUrl\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"width\":300,\"height\":300,\"caption\":\"Xiarch\"},\"image\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/xiarch\/\",\"https:\/\/twitter.com\/xiarch\",\"https:\/\/www.linkedin.com\/company\/xiarch\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\",\"name\":\"Xiarch Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"caption\":\"Xiarch Security\"},\"sameAs\":[\"https:\/\/xiarch.com\/blog\/\"],\"url\":\"https:\/\/xiarch.com\/blog\/author\/vector\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"FBI Warns about Vishing Attacks that keep Corporate Accounts Information! - Xiarch Solutions Private Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/","og_locale":"en_US","og_type":"article","og_title":"FBI Warns about Vishing Attacks that keep Corporate Accounts Information! - Xiarch Solutions Private Limited","og_description":"The Federal Bureau of Investigation had issued a warning letter to control the ongoing vishing attacks that used to steal the information of corporate accounts and credentials for network access and take advantage of international and the United States based employees. The term Vishing is known as voice phishing, it is a type of social […]","og_url":"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/","og_site_name":"Xiarch Solutions Private Limited","article_publisher":"https:\/\/www.facebook.com\/xiarch\/","article_published_time":"2021-01-19T07:08:52+00:00","article_modified_time":"2021-06-07T05:09:48+00:00","og_image":[{"width":2000,"height":1200,"url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/01\/FBI-Vishing-Attacks-Featured-Image.png","type":"image\/png"}],"author":"Xiarch Security","twitter_card":"summary_large_image","twitter_creator":"@xiarch","twitter_site":"@xiarch","twitter_misc":{"Written by":"Xiarch Security","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/#article","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/"},"author":{"name":"Xiarch Security","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c"},"headline":"FBI Warns about Vishing Attacks that keep Corporate Accounts Information!","datePublished":"2021-01-19T07:08:52+00:00","dateModified":"2021-06-07T05:09:48+00:00","mainEntityOfPage":{"@id":"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/"},"wordCount":595,"commentCount":0,"publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"articleSection":["Consulting"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/","url":"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/","name":"FBI Warns about Vishing Attacks that keep Corporate Accounts Information! - Xiarch Solutions Private Limited","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/#website"},"datePublished":"2021-01-19T07:08:52+00:00","dateModified":"2021-06-07T05:09:48+00:00","breadcrumb":{"@id":"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/xiarch.com\/blog\/fbi-warns-about-vishing-attacks-that-keep-corporate-accounts-information\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/xiarch.com\/blog\/"},{"@type":"ListItem","position":2,"name":"FBI Warns about Vishing Attacks that keep Corporate Accounts Information!"}]},{"@type":"WebSite","@id":"https:\/\/xiarch.com\/blog\/#website","url":"https:\/\/xiarch.com\/blog\/","name":"Xiarch Solutions Private Limited","description":"","publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/xiarch.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/xiarch.com\/blog\/#organization","name":"Xiarch","url":"https:\/\/xiarch.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","contentUrl":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","width":300,"height":300,"caption":"Xiarch"},"image":{"@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/xiarch\/","https:\/\/twitter.com\/xiarch","https:\/\/www.linkedin.com\/company\/xiarch"]},{"@type":"Person","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c","name":"Xiarch Security","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","caption":"Xiarch Security"},"sameAs":["https:\/\/xiarch.com\/blog\/"],"url":"https:\/\/xiarch.com\/blog\/author\/vector\/"}]}},"_links":{"self":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/712"}],"collection":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/comments?post=712"}],"version-history":[{"count":3,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/712\/revisions"}],"predecessor-version":[{"id":718,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/712\/revisions\/718"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media\/717"}],"wp:attachment":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media?parent=712"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/categories?post=712"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/tags?post=712"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"FBI](\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/01\/FBI-Vishing-Attacks-1024x423.jpg\")
<\/figure><\/div>\n\n\n\n![\"FBI](\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/01\/FBI-Vishing-Attacks-1.png\")
<\/figure><\/div>\n\n\n\n