FBI warns about new attacks targeting new hires and remote workers
The Intermedia security team has been tracking a recent threat that you should be aware of that targets remote workers and reinforces the importance of good security practices. The FBI and Cybersecurity and Infrastructure Security Agency (CISA) have issued an advisory about a voice phishing (vishing) campaign that targets remote workers and new hires with phone calls that attempt to trick them into using fraudulent sites by posing as IT help desk or support, purportedly to enable their “new, secure” VPN access, but actually to steal their credentials and attack their employer.
This attack relies on social engineering and identifying new hires and remote workers through social posts. Attackers use spoofed phone numbers for the target company, and target employees’ mobile phones. Intermedia discourages our employees and new hires from posting announcements on social media that could make them a target, and we suggest you do the same and make them aware of this potential threat.