Include:
Tech
Cybersecurity
Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.

Location

333 West San Carlos Street
San Jose, California 95110
United States

WWW: acer.com

ChannelPro Network Awards

hello 2
hello 3

News

September 15, 2021 |

Vishing Gives New Voice to Low-Tech Scammers

How urgent phone calls can lead to account access.

EARLIER THIS YEAR, the FBI warned SMBs about an uptick in voice phishing, or “”vishing,”” attacks whereby scammers use phone calls to convincingly elicit passwords and gain access to critical data. The low-tech nature of vishing tactics is attractive to some scammers who might not fit the typical hacker stereotype.

“”With phishing, scammers would need some programming skills,”” says Diana Giles, owner and president of Edmond, Okla.-based Skyline IT Management. “”But with vishing, the scammer’s time is taken up more by dealing with people on a one-on-one basis.””

With phone calls, it’s also tougher for MSPs to protect clients. In her consultancy work, Giles experienced first-hand the damage done when a residential client revealed usernames and passwords. “”She just fell for a phone call,”” Giles explains. “”None of their security software would have helped prevent this.””

Vishing, however, is not as efficient as other attack methods, Giles points out, as “”it takes a lot more manpower and hours to accomplish the goal.”” In addition, “”people aren’t answering their phone as readily—and carriers are doing a better job of [mitigating] spam risk.””

For this reason, Giles sees the greatest vishing-related threats coming from a hybrid model that first uses email or text. “”I still think phishing is a bigger threat because they can meet more people quicker,”” she explains.

One high-profile example involved the Geek Squad, the tech support arm of retail giant Best Buy. In this case, the scheme used a spoofed email (an email appearing to legitimately come from a trusted source). The email lured recipients into calling a phone number to inquire about their supposedly expired annual protection plan. From there, the voice phishing ensued, and victims unknowingly provided credit card information to live attackers on the other end of the line.

Most scams, whether vishing or a hybrid attack, are designed to convey urgency, and that rushed, hectic experience tricks victims into looking past the criminal’s “”sleight of hand,”” notes Giles, who covers vishing in her security awareness training. “”I try to teach our clients to assume everyone who is contacting you with some sort of alert about something that requires you to act quickly is a scammer,”” she says.

Instead of responding to such urgent messages, Giles recommends hanging up and then starting a new conversation with the supposed source. “”If it’s a legitimate problem with your bank, for example, then you’re going to be able to deal directly with that bank.””

Image: iStock


Editor’s Choice

MSP360 Bolsters Managed Backup Solution With Full Sharepoint Backup and Restore, Object Lock, and More

March 25, 2024 |

MSP360 CEO Brian Helwig details the latest improvements in its managed backup solutions and teases some new opportunities down the road for its partners in an exclusive ChannelPro interview.

Peer to Peer: Aurora’s Philip de Souza shares his secrets to creating a successful MSSP

March 19, 2024 | Philip de Souza

“It’s important that we understand when it comes to this whole MSP world that it’s all about the customer.”

Evolving State AI Regulations: Best Practices for Mitigating Risk

March 14, 2024 | Anurag Lal

While AI technologies can unlock tremendous business value, they also have potential risks.


Related News

Growing the MSP

Explore ChannelPro

Events

Reach Our Audience