Authorities saw a slight increase in phishing campaigns after the pandemic forced companies to shift to working from home.
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) disclosed the increase in voice phishing campaigns in a joint cybersecurity advisory, which offers companies and users a list of tips on how to protect themselves against the fraud.
Part of the advisory says: The COVID-19 pandemic has caused a mass shift to working from home, increasing the use of corporate VPNs and eliminating in-person verification, which could partly explain the campaign's success.
"Similar campaigns before the pandemic targeted telecommunications and Internet service providers exclusively with these attacks, but the focus has recently expanded to include more indiscriminate targeting," the advisory added.
The advisory was published shortly after Krebs on Security reported that a group of cybercriminals was marketing a phishing service that used private phishing sites and social engineering techniques to steal VPN data from employees.
Although the agencies did not confirm the report, they said that the cybercriminals began a phishing campaign in mid-July 2020.
They also described a scheme similar to the one reported by Krebs on Security: the attackers register domains using the names of the target companies and then duplicate those companies' internal VPN login pages.
The criminals used VoIP numbers at first, but later began spoofing the numbers of victims' co-workers and of other offices within their company.
The attackers tend to target new employees and pretend to be new IT employees themselves, and they also create fake pages on LinkedIn to gain the trust of victims.
To be as believable as possible, they compile dossiers on the target company's employees. The dossiers contain information gathered from public profiles, marketing tools and publicly available background checks.
After the cybercriminals convince the victim that they are part of their company's IT team, they send them a fake VPN link that requires their login.
Employees approve two-factor authentication requests on their phones, believing they received them because they had given the fake IT employees access to their accounts.
Once inside the company's network, the attackers dig into the personal information of customers and employees to use it in other attacks, and they capitalize on their attacks using various methods.
The method used depends on the company, the agencies said, but it is usually very aggressive and runs on a tight schedule.
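The domain pattern described above, where attackers register domains built on the target company's name, can be watched for in a feed of newly observed domains such as DNS or certificate logs. The following is an added example, not taken from the advisory: the brand name, owned domains, sample domains and digit-swap table are all constructed assumptions.

```python
import re

# Constructed sample values (assumptions for this example).
BRAND = "acmewidgets"
OWNED = {"acmewidgets.example"}

# Digit-for-letter swaps often seen in look-alike names (assumed table).
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s"})


def normalize(label: str) -> str:
    """Lower-case a DNS label, undo digit swaps, drop hyphens and digits."""
    return re.sub(r"[^a-z]", "", label.lower().translate(SWAPS))


def registered_domain(fqdn: str) -> str:
    """Naive last-two-labels rule; production code needs the Public Suffix List."""
    return ".".join(fqdn.lower().rstrip(".").split(".")[-2:])


def is_lookalike(fqdn: str, brand: str = BRAND, owned=OWNED) -> bool:
    """True if any label carries the brand but the domain is not ours."""
    if registered_domain(fqdn) in owned:
        return False  # legitimate host under a domain the company controls
    labels = fqdn.lower().rstrip(".").split(".")
    return any(brand in normalize(label) for label in labels)


def triage(domains):
    """Return the flagged domains, preserving input order."""
    return [d for d in domains if is_lookalike(d)]


# Constructed feed of newly observed domains.
OBSERVED = [
    "vpn.acmewidgets.example",                   # real corporate VPN host
    "acmewidgets-vpn.example",                   # brand plus service keyword
    "acme-widg3ts-login.example",                # hyphen and digit swap
    "acmewidgets.example.portal-login.example",  # brand used as a subdomain
    "weather.example",                           # unrelated
]

if __name__ == "__main__":
    for domain in triage(OBSERVED):
        print("review:", domain)
```

Flagged domains are candidates for review, takedown requests or blocking at the proxy; the check complements, and does not replace, verifying callers before acting on a link they send.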