COVID-19: Tech Support Scams Target Remote Workers

Malvertising and vishing are on the rise as we spend more time online and on calls

11-30-2020
Alicia Lynch
CYBER

With more remote workers than ever, phony tech support scams are becoming more common. Attackers are taking advantage of the increased reliance on phone calls, impersonating your company’s tech support services to steal credit card information or company credentials.

If you think that you may have experienced a tech support scam, reach out to your cybersecurity team immediately.

Method of attack: malvertising

Malvertising, a combination of malware and advertising, is a cybersecurity threat where attackers purchase advertising space on a legitimate website to increase the likelihood that victims will click on their malicious ads. Attackers often use malvertising to steal payment information and run up fraudulent credit card charges, but they may also attempt to steal sensitive information and/or login credentials.

Signs of malvertising include:

  • The inability to close ad-generated pop-up messages and/or browser windows
  • An unresponsive cursor
  • Animation, flashing text, and/or computer-generated warning sounds
  • A phone number to call tech support and fix the “issue” with your computer via remote desktop access
  • A request for a credit card number or other payment method

Your IT service desk will never ask for credit card information or direct you to purchase an application or software. If you see anything that looks like malvertising on your computer, close the browser window(s) and immediately contact your cybersecurity team. If you are unable to close the window(s), press "Ctrl"+"Alt"+"Delete" and shut down your computer. Your cybersecurity team will still be able to trace the malicious activity while your computer is off. Do not restore the browser tabs from your previous session the next time you log in.

 

Your IT service desk will never ask for credit card information or direct you to purchase an application or software.

Method of attack: vishing

In August, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint advisory that warned about the increase in sophisticated voice phishing, or vishing, attacks on U.S. companies during the pandemic.

Vishing occurs when the attacker makes contact with the victim via voice over IP (VoIP) phone. By using VoIP calls, scammers can cast a wide net and make hundreds of calls at once while tricking victims' caller ID tools into displaying any identity they want. Using information gathered from social media, they can target specific employees and personalize their phony tech support scripts.

Protecting yourself and your company from a vishing attack may seem intimidating with how much an attacker can find out about you online, but here are some tips to stay safe:

  • If you receive a call from an unknown number, resist the urge to see who it is and let it go to voicemail. In most cases, the attacker will move on and try to catch someone who will answer.
  • Limit what you post on social media. For LinkedIn, this means avoid sharing details about your current position that would give someone the impression that you have a specific clearance, access to sensitive data, and/or privileged account(s).
  • Trust your gut. If you feel uncomfortable when someone asks for sensitive or personal information over the phone, end the call immediately and contact your cybersecurity team.

Continued vigilance is required

Threat actors are aggressively targeting the defense industry for high-value assets in unsecured environments, so we need to be vigilant with our daily cyber hygiene and actively defend our systems against these types of attacks. Modern cyberattacks are often sophisticated, and anyone can be a victim.

Remember, if you think that you may have encountered an online scam, reach out to your cybersecurity team immediately. Your cybersecurity team is there to help you, and the faster you help identify a new threat, the faster the cybersecurity professionals can prevent others from falling victim to it.

 

ADDITIONAL READING: 5 strategies for coping with COVID-19

Posted by: Alicia Lynch

VP and Chief Information Security Officer

Alicia Lynch joined the SAIC team In April 2018 as the Vice President, Chief Information Security Officer (CISO), bringing over 30 years of experience with the Department of Defense, the defense contracting community and the private sector. Alicia retired as a Colonel from the U.S. Army in 2012.

She has over 15 years of experience as a Senior Information System Security professional supporting the intelligence community (IC), DoD, and the federal government CONUS and OCONUS in a multitude of IT security roles. She has extensive experience implementing secure mission critical hardware and software systems for the intelligence community.

She has recently held titles including the Deputy Chief Information Security Officer at Accenture Federal Services, VP of Enterprise Solutions at a cyber security startup, and Director of Governance, Risk and Compliance at BAE Systems. In the defense contracting and commercial sectors, Alicia has extensive experience managing diverse portfolios including projects over $300 million. She has led requirements development, mission solutions, and contract management, which contributed to companies' long-term, repeatable, revenue goals.

Alicia holds an MBA from the University of Maryland, Robert H. Smith School of Business, and a CIO Program Certificate from the College of Information and Cyberspace, National Defense University. She has also maintained her ISC2 Certified Information Systems Security Professional (CISSP).

Read other blog posts from Alicia Lynch >

Connect with Alicia Lynch: linkedin icon

< Return to Blogs