Menu

Accessible Site

Donate Today

Alan W. Dowd is a Senior Fellow with the American Security Council Foundation, where he writes on the full range of topics relating to national defense, foreign policy and international security. Dowd’s commentaries and essays have appeared in Policy Review, Parameters, Military Officer, The American Legion Magazine, The Journal of Diplomacy and International Relations, The Claremont Review of Books, World Politics Review, The Wall Street Journal Europe, The Jerusalem Post, The Financial Times Deutschland, The Washington Times, The Baltimore Sun, The Washington Examiner, The Detroit News, The Sacramento Bee, The Vancouver Sun, The National Post, The Landing Zone, Current, The World & I, The American Enterprise, Fraser Forum, American Outlook, The American and the online editions of Weekly Standard, National Review and American Interest. Beyond his work in opinion journalism, Dowd has served as an adjunct professor and university lecturer; congressional aide; and administrator, researcher and writer at leading think tanks, including the Hudson Institute, Sagamore Institute and Fraser Institute. An award-winning writer, Dowd has been interviewed by Fox News Channel, Cox News Service, The Washington Times, The National Post, the Australian Broadcasting Corporation and numerous radio programs across North America. In addition, his work has been quoted by and/or reprinted in The Guardian, CBS News, BBC News and the Council on Foreign Relations. Dowd holds degrees from Butler University and Indiana University. Follow him at twitter.com/alanwdowd.

ASCF News

Scott Tilley is a Senior Fellow at the American Security Council Foundation, where he writes the “Technical Power” column, focusing on the societal and national security implications of advanced technology in cybersecurity, space, and foreign relations.

He is an emeritus professor at the Florida Institute of Technology. Previously, he was with the University of California, Riverside, Carnegie Mellon University’s Software Engineering Institute, and IBM. His research and teaching were in the areas of computer science, software & systems engineering, educational technology, the design of communication, and business information systems.

He is president and founder of the Center for Technology & Society, president and co-founder of Big Data Florida, past president of INCOSE Space Coast, and a Space Coast Writers’ Guild Fellow.

He has authored over 150 academic papers and has published 28 books (technical and non-technical), most recently Systems Analysis & Design (Cengage, 2020), SPACE (Anthology Alliance, 2019), and Technical Justice (CTS Press, 2019). He wrote the “Technology Today” column for FLORIDA TODAY from 2010 to 2018.

He is a popular public speaker, having delivered numerous keynote presentations and “Tech Talks” for a general audience. Recent examples include the role of big data in the space program, a four-part series on machine learning, and a four-part series on fake news.

He holds a Ph.D. in computer science from the University of Victoria (1995).

Contact him at stilley@cts.today.

Voicemail Phishing Attacks Threatens 100,000 Inboxes, Leaving Remote Workers Particularly Vulnerable

Thursday, June 18, 2020

Categories: ASCF News Emerging Threats Cyber Security

Comments: 0

A large number of remote workers in particular have fallen victim to a new brand of cyberattack involving voicemail in recent weeks, according to findings from earlier this month made by email security firm IronScales. The new threat, which comes in the form of voicemail phishing attacks, stands as the most recent attempt by cybercriminals to ride the wave of new targets brought about by large number of employees relying on digital communication platforms like Zoom, Microsoft Teams, Slack, and Private Branch Exchange (PBX) in the wake of COVID-19.

The new voicemail phishing attacks specifically target companies with remote workers which are making use of private branch eXchange (PBX). This legacy telephone technology designed for business communication, appears to have proven ideal for cybercriminals in delivering their sinister form of phishing attack by successfully bypassing secure email gateways.

According to IronScales, the voicemail phishing attacks pretend to be standard voicemail notifications from PBX integrations and feature custom subject lines in order to sneak past superficial legitimacy tests. Because PBX is integrated with a target company’s email client to begin with; the cybercriminals’ jobs are made significantly easier as a result.

In total, according to IronScales, voicemail phishing attacks of this kind, also known as “vishing”, have so far threatened almost 100,000 inboxes across the globe belonging to hundreds of companies across all industries, including real estate, oil & gas, engineering, IT, healthcare, financial services and more.

Why are voicemail phishing attacks so successful?

The new voicemail phishing attacks plaguing companies with remote workers—while relatively simple to prevent—are nevertheless wily with regards to their methods.

In order to initiate their attack in a more believable manner, for example, cybercriminals are known to take a number of steps to fool secure email gateways, most notably by customizing the subject line of the email.

Seeing that the attacks are launched with no malicious payload attached—something which would likely undermined the criminal’s secrecy—the emails have proven successful in gaining access to tens of thousands of inboxes across the globe, and are likely to be particularly effective with respect to remote workers based at home. IronScales notes that, in particular, the attacks have proven very capable of outwitting the Domain-based Message Authentication (DMARC) authentication protocol.

“This type of sophistication partially explains why these email attacks are bypassing secure email gateways and the DMARC authentication protocol, as neither are designed to detect or respond to spoofed emails without a malicious payload,” explained Ian Baxter, director of engineering at IronScales.

According to the security firm, this is being done with the intention of trying to coerce remote workers into presenting sensitive information—such as Microsoft Office credentials—in order to access the newly-arrived voicemail. “The attackers are looking to get the recipient to open the malicious attachment to drive to a fake landing page for credential harvesting. The recipient has to enter their O365 login credentials to access the voicemail recording,” IronScales explained to SC Media.

Baxter went on to point out that, in many cases, the voicemail phishing attacks made use of “very targeted” subject lines which included such details as a specific company’s or person’s name.

“It may seem odd for attackers to create phishing websites spoofing PBX integrations as most voicemails are quite benign in the information shared,” Baxter explains in the post. “However, attackers know that the credentials could be used for multiple other logins, including for websites with valuable PII or business information. In addition, any sensitive information that is left in the voicemail could potentially be used for a social engineering attack.”

Advise for companies—with or without remote workers

According to IronScales, any company which automatically sends voicemails to workers inboxes, with or without remote workers, remain at considerable risk of falling victim to voicemail phishing attacks of the kind they recently uncovered. While remote workers do indeed only expound the underlying risks even further, any company relying on legacy systems such as PBX should be cautious, according to IronScales.

The first step, the email security firm advises, is to make employees aware that such a threat is out there in the first place. “Make it top of mind for them so that they can catch such abnormalities,” recommended Baxter.

Following this, the right technology would be able to provide a sufficient shield against the threats posed to in-house and remote workers alike by the recent surge in voicemail phishing attacks.

According to Baxter, software such as a computer vision-based scanner would be able to amply detect the background of potentially fraudulent emails—automatically marking them as phishing attacks if and where necessary.

Photo and Link: https://www.cpomagazine.com/cyber-security/voicemail-phishing-attacks-threatens-100000-inboxes-leaving-remote-workers-particularly-vulnerable/

Comments RSS feed for comments on this page

There are no comments yet. Be the first to add a comment by using the form below.

Search