COVID-19: Tech Support Scams Target Remote Workers

Malvertising and vishing are on the rise as we spend more time online and on calls

10-22-2020
Alicia Lynch
CYBER

With more remote workers than ever, phony tech support scams are becoming more common. Attackers are taking advantage of the increased reliance on phone calls, impersonating your company’s tech support services to steal credit card information or company credentials.

If you think that you may have experienced a tech support scam, reach out to your cybersecurity team immediately.

Method of attack: malvertising

Malvertising, a combination of malware and advertising, is a cybersecurity threat where attackers purchase advertising space on a legitimate website to increase the likelihood that victims will click on their malicious ads. Attackers often use malvertising to steal payment information and run up fraudulent credit card charges, but they may also attempt to steal sensitive information and/or login credentials.

Signs of malvertising include:

  • The inability to close ad-generated pop-up messages and/or browser windows
  • An unresponsive cursor
  • Animation, flashing text, and/or computer-generated warning sounds
  • A phone number to call tech support and fix the “issue” with your computer via remote desktop access
  • A request for a credit card number or other payment method

Your IT service desk will never ask for credit card information or direct you to purchase an application or software. If you see anything that looks like malvertising on your computer, close the browser window(s) and immediately contact your cybersecurity team. If you are unable to close the window(s), press "Ctrl"+"Alt"+"Delete" and shut down your computer. Your cybersecurity team will still be able to trace the malicious activity while your computer is off. Do not restore the browser tabs from your previous session the next time you log in.

 

Method of attack: vishing

In August, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint advisory that warned about the increase in sophisticated voice phishing, or vishing, attacks on U.S. companies during the pandemic.

Vishing occurs when the attacker makes contact with the victim via a voice over IP (VoIP) phone call. By using VoIP calls, scammers can cast a wide net and make hundreds of calls at once while tricking victims' caller ID tools into displaying any identity they want. Using information gathered from social media, they can target specific employees and personalize their phony tech support scripts.

Protecting yourself and your company from a vishing attack may seem intimidating with how much an attacker can find out about you online, but here are some tips to stay safe:

  • If you receive a call from an unknown number, resist the urge to see who it is and let it go to voicemail. In most cases, the attacker will move on and try to catch someone who will answer.
  • Limit what you post on social media. For LinkedIn, this means avoiding details about your current position that would give someone the impression that you have a specific clearance, access to sensitive data, and/or privileged account(s).
  • Trust your gut. If you feel uncomfortable when someone asks for sensitive or personal information over the phone, end the call immediately and contact your cybersecurity team.

Continued vigilance is required

Threat actors are aggressively targeting the defense industry for high-value assets in unsecured environments, so we need to be vigilant with our daily cyber hygiene and actively defend our systems against these types of attacks. Modern cyberattacks are often sophisticated, and anyone can be a victim.

Remember, if you think that you may have encountered an online scam, reach out to your cybersecurity team immediately. Your cybersecurity team is there to help you, and the faster you help identify a new threat, the faster the cybersecurity professionals can prevent others from falling victim to it.

 

Posted by: Alicia Lynch

VP and Chief Information Security Officer

Alicia Lynch is vice president and chief information security officer of SAIC.

Lynch joined SAIC in 2018, bringing over 30 years of experience with the Department of Defense, the defense contracting community, and the private sector. Her background includes 15 years as a senior information system security professional supporting the intelligence community, DOD, and the federal government in a multitude of IT security roles. She has extensive experience in implementing secure, mission-critical hardware and software systems for the IC.

Lynch retired as a colonel in the U.S. Army in 2012. She then held roles as deputy chief information security officer of Accenture Federal Services; vice president of enterprise solutions at a cybersecurity startup; and director of governance, risk, and compliance at BAE Systems, managing diverse portfolios. She has led requirements development, mission solutions, and contract management, while contributing to strategic and revenue goals.

She holds an MBA from the University of Maryland and a CIO program certificate from the National Defense University College of Information and Cyberspace. She is a Certified Information Systems Security Professional.

 
