Don’t call the number! We’ll break down this specific socially engineered threat, and offer 3 things your organization you can do to shore up security.
In your effort to protect computer systems and sensitive data, socially engineered attacks need to be on your entire organization’s radar.
Social engineering is the art of manipulating, influencing, or deceiving you in order to gain control over your computer system. According to KnowBe4, only about 3% of malware tries to exploit an exclusively technical flaw. The other 97% instead targets users through Social Engineering.
Social engineered attacks are simply an easy way in for cyber criminals.
We’re aware of a recent upswing in one specific method of attack. The activity includes a “pop-up” or “alert” on your computer system tell you that you are infected and to call a number. It’s a highly effective scam that has existed for years.
Fraudulent support sites, including Microsoft Spoofers, will make you believe that you have a problem with your PC. You may be redirected to these websites automatically by malicious ads found in dubious sites, such as download locations for fake installers and pirated media.
They might even ask you to CALL a number and they will pretend to be Microsoft and will lure you into a remote session.
Don’t do this.
Remember, always, that a legitimate error message from Microsoft, for example, would never ask you to call a tech support number. Put another way, “don’t call us. We will call you.”
These websites can use any of the following tactics to convince you that there’s a problem with your PC that needs fixing:
They can also use the following techniques to make their claim more believable:
Again, all these techniques are meant to persuade you to call the specified tech support number and start a support session.
Remember: “Don’t call us. We will call you.”
Define what assets you have that may be tempting to criminals, and how that is likely to be pursued. Update software and systems.
Educating your team on what socially engineering is, what types of threats exists and how to guard against them is the best preventative measure your organization can take.
It only takes one errant click, or one erroneous phone call to comprise data and leave you as yet another victim of a socially engineered attack.
Find out exactly where you stand today in regards to network security. Establish the foundation for your plan by assessing your risk and identifying key steps and best practices moving forward.
Developing a well-managed, properly secured network starts here.
What Can I Do? Every company needs a security strategy and the basic elements of data and network security –…
Four scenarios you might face: 1. Day-to-day IT maintenance is dragging you down. Are you running around just trying to…
However, it’s not just important, it’s critical (data backup is also a great way to avoid paying ransom in a…
From stability to strategy, ActaMSP delivers clarity and action where it matters most.
