The Rise of Vishing: How Attackers Bypass 2FA and Impersonate Help Desk
Phishing has been a significant threat for years, accounting for over 30% of known breaches. Since the pandemic, attackers have stepped up their efforts to steal login credentials, which has brought old-school vishing techniques back into fashion. Vishing, like phishing, uses social engineering to steal sensitive data, but it does so over the phone. The attacker poses as a support representative and asks the victim for a 2FA code or password, and the approach works largely because a call that appears to come from the help desk carries a built-in air of authority. Vishing campaigns are now aimed at carefully selected individuals, with the pretext built from information gathered on social media and other public sources. The attacks are on the rise: 69% of companies reported experiencing them in 2021, up from 54% in 2020.
Vishing Bypassing 2FA
One of the most concerning aspects of vishing is the attackers' ability to defeat two-factor authentication (2FA). The most common form of 2FA requires two pieces of evidence from the user: a password and a one-time code, typically sent via SMS. That code is a bearer secret: whoever presents it first gets in, and nothing ties it to the person who is supposed to be typing it. An attacker impersonating a support representative simply triggers a login with the stolen password and asks the victim to read out the code that arrives. If the victim does, the attacker completes the login and gains full access to the account, which can expose financial or personal information. Note that the 2FA is not broken in any technical sense; the second factor is handed over voluntarily. Any factor the user can read aloud (SMS codes, authenticator-app codes, and even "approve this sign-in" push prompts) can be captured this way, which is why phishing-resistant factors such as FIDO2 security keys and passkeys, which produce nothing a caller could repeat over the phone, are the durable fix.
Impersonating Help Desk Support
Vishing attacks often involve the attacker posing as the corporate IT help desk and claiming that the user's device has been breached or infected with malware. Under that pretext, the attacker talks the user into installing remote access software and granting a session. This is the final phase of the scam: once the attacker has hands-on control of the machine, the victim is defrauded of money or the attacker harvests whatever credentials and data the device can reach.
Twist as Attackers Call the Help Desk & Impersonate End-Users
The same social engineering can be run in reverse, with the attacker calling the help desk and impersonating an end-user. An experienced attacker can easily collect the answers to knowledge-based security questions (date of birth, employee ID, manager's name, pet names and the like) from social media and other public sources, since end-users routinely put too much personal information online. Armed with those answers, the attacker convinces help desk personnel that they are the legitimate user and has the credentials of a privileged account reset, at which point no 2FA bypass is needed because the attacker now owns the account.
Verifying User Identity
Verifying user identity in the vishing age is more important than ever. One effective safeguard is to implement a secure service desk solution that verifies callers with data the organisation already holds rather than with knowledge-based questions whose answers are often public. In practice this means sending a one-time code to the mobile number already associated with the user's account (never to a number the caller supplies on the call), or using the organisation's existing authentication services to verify the caller before anything is done on their behalf. Enforcing user authentication is another key aspect of Specops Secure Service Desk: information and password resets are only offered to callers who have been authenticated, which is essential for protecting high-security accounts and for meeting regulatory requirements. A secure service desk allows a user account to be reset or unlocked only after the caller has been successfully authenticated, which removes the help desk as the soft target that help-desk vishing relies on.
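The following is an added example, written for this page rather than taken from Specops, TriTech or any vendor product, of the verification flow the two sections above describe: the help desk issues a one-time code to the mobile number already on file, the caller reads it back, and a password reset is only offered once that ticket has been verified. It also shows the controls that stop the code itself from being abused: a short expiry, a small attempt limit, single use, and a constant-time comparison. The directory, the SMS gateway and the ticket identifiers are all constructed stand-ins (an in-memory dict and a stub that records what would have been sent) and are assumptions, not a real system.

```python
"""Help-desk caller verification without knowledge-based questions.

Added example, not code from the page or any vendor. The directory and the
SMS gateway below are constructed stand-ins for illustration only.
"""
import hmac
import secrets
import time
from dataclasses import dataclass

OTP_DIGITS = 6
OTP_TTL_SECONDS = 300   # code dies after five minutes
MAX_ATTEMPTS = 3        # three wrong read-backs burn the challenge

# Constructed sample directory (assumption): user -> mobile number ON FILE.
# The agent never enters a number the caller gives them over the phone.
DIRECTORY = {
    "alice": {"mobile": "+15555550101", "privileged": True},
    "bob":   {"mobile": "+15555550102", "privileged": False},
}


@dataclass
class Challenge:
    username: str
    code: str
    issued_at: float
    attempts: int = 0
    verified: bool = False


class SmsStub:
    """Stand-in for a real SMS gateway; just records what would be sent."""
    def __init__(self):
        self.sent = []

    def send(self, number, text):
        self.sent.append((number, text))


class ServiceDeskVerifier:
    def __init__(self, sms, now=time.time):
        self.sms = sms
        self.now = now            # injectable clock so expiry can be tested
        self._challenges = {}     # ticket_id -> Challenge

    def start(self, ticket_id, username):
        """Send an OTP to the number on file for the account being discussed."""
        record = DIRECTORY.get(username)
        if record is None:
            raise LookupError("unknown user")
        code = "".join(secrets.choice("0123456789") for _ in range(OTP_DIGITS))
        self._challenges[ticket_id] = Challenge(username, code, self.now())
        self.sms.send(
            record["mobile"],
            f"Help desk ticket {ticket_id}: your verification code is {code}. "
            "Only read it out if YOU called the help desk.",
        )
        return ticket_id

    def verify(self, ticket_id, code_from_caller):
        """Check the code the caller reads back; False on expiry or too many tries."""
        ch = self._challenges.get(ticket_id)
        if ch is None or ch.verified:
            return False
        if self.now() - ch.issued_at > OTP_TTL_SECONDS:
            del self._challenges[ticket_id]
            return False
        ch.attempts += 1
        if ch.attempts > MAX_ATTEMPTS:
            del self._challenges[ticket_id]
            return False
        if hmac.compare_digest(ch.code, code_from_caller.strip()):
            ch.verified = True
            return True
        return False

    def reset_password(self, ticket_id, username):
        """Reset is only offered for a verified ticket, and only for that user."""
        ch = self._challenges.get(ticket_id)
        if ch is None or not ch.verified or ch.username != username:
            raise PermissionError("caller not verified for this ticket/user")
        del self._challenges[ticket_id]   # single use: no second reset on one code
        return secrets.token_urlsafe(12)  # temporary password to hand to the caller
```

The important design choice is that `start` resolves the mobile number from the directory and ignores anything the caller says; a caller who "just changed phones" is exactly the scenario a vishing attacker will present, and that case belongs in a separate, slower identity-proofing process, not in a bypass on this code path. Binding the verified challenge to a ticket and a username means an agent cannot verify one caller and then reset a different (privileged) account in the same session.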
Training Help Desk Staff
Training help desk staff is another effective way to protect against vishing scams. Staff should be trained to recognise the hallmarks of a vishing call (urgency, a claimed outage or compromise, pressure to skip the usual steps, a request to change the contact number on file before a reset) and to verify the caller's identity through established protocols. Recording the caller's name, position and reason for the call is a starting point, but these are claims, not proof; the protocol must require an out-of-band check, such as a one-time code to the number on file or a call-back to a known number, before any account action is taken. If the call seems suspicious, or the caller resists verification, the staff member should refuse the request and escalate to a supervisor or the security team rather than making an exception.
Regular Security Awareness Training for Employees
Security awareness training for employees is essential to educate them about the risks of vishing attacks. This training should cover how to identify a potential vishing scam, the steps to take to verify who is really calling, and the rule that no legitimate help desk will ever ask a user to read out a one-time code or password over the phone. Employees should be encouraged to hang up and report suspicious calls to the help desk or IT department, and should understand that reporting a call they already fell for is far more valuable than staying quiet.
The rise of vishing attacks is a serious threat to organizations worldwide. The attackers' ability to defeat 2FA and to impersonate help desk support, in both directions, is a cause for concern. However, with the implementation of TriTech's Secure Service Desk Solution in Edmonton, organizations can mitigate the risk of vishing attacks.
TriTech's services ensure the verification of user accounts, enforce user authentication, and offer regular security awareness training to employees. With these measures in place, organizations can protect their sensitive data and safeguard against vishing attacks. Trust in TriTech's Security Services in Edmonton to keep your organization's data safe from vishing scams.