Has Vishing Hooked Your Employees?
Covid has been a godsend for nefarious actors. With remote work on the rise, IT departments are finding it harder and less convenient to monitor all access to corporate networks.
Nefarious actors are using this opportunity to gather or “phish” for corporate credentials. Many are using the telephone to gather this information. Collecting private or privileged information by phone is known as “voice phishing,” or “vishing” for short.
And, it is serious. As outlined in this HIPPA Journal article, the FBI has even issued a warning about the spike in vishing attacks.
What Exactly Is Vishing?
Vishing is defined as the fraudulent practice of making phone calls or leaving voice messages purporting to be from reputable companies. These calls are made in order to induce individuals to reveal personal information, such as bank details, credit card numbers, or passwords to critical accounts.
Vishers often make calls to random numbers, but savvy actors know calls are more productive if they are targeted.
What Harm Can Vishing Do To My Company?
Consider for example calls coming into a memory care unit. If a nefarious actor can obtain access to incoming phone numbers, he can then do a reverse lookup for names. The result is a list of people seeing the memory care specialists.
This bad actor can then use or sell that list to another set of nefarious actors who conduct vishing attacks to scam this vulnerable demographic out of their money.
Another example is identifying rich investors dialing into a financial company’s preferred investor relations department. Valuable information can also be obtained from life insurance companies, reverse mortgage companies, senior living facilities… You get the idea.
How Do These Bad Actors Obtain My Data?
Vishing is a social engineering tool used to gain access to credentials. And, as noted in the HIPPA Journal article, vishers are starting at all levels of the organization, wherever they can obtain a foothold. From there, they slowly work their way into more inclusive credentials.
If not properly secured, nefarious actors can gain access to your CDR records by using the credentials obtained through vishing and other means. Once CDR is obtained, they can extract phone numbers and reverse lookup the names.
How Does SierraGold by SAI™ Help?
SierraGold by SAITM helps ensure allocated extension information does not fall into the hands of bad actors. Bad actors that hope to gain your company’s phone extensions to go on a vishing attack.
To protect critical data, SierraGold uses a telecom switch’s built-in method of securely transferring CDR. An example method is Cisco’s built-in secure FTP transfer.
For switch types that do not have built-in secure transfer methods, SAI provides their patented NetSafe™ solution. NetSafe™ collects CDR within the customer’s network. It then transfers the data to SAI’s data center via secure FTP. Your data are always protected.
Looking to Secure Your CDR Against Vishers Prying Eyes?
Looking to secure your organizations CDR against vishing attacks and vishers prying eyes?
SierraGold by SAI™ has been protecting our customers’ CDR for more than 30 years, long before the term “vishing” was coined.
Contact us today to learn how SierraGold by SAI has helped numerous large, Fortune 500 companies protect their data from the prying eyes of nefarious actors.
Other Posts Related to Security and Compliance
Are You Ready for 988 Calls?
Are you ready for 988 calls? Would you like to know when someone in your organization is in crisis and needs help? Learn how SierraGold by SAI can help.
Has Vishing Hooked Your Employees?
Are more of your employees working remote these days? Is your IT department finding it harder to monitor access to company networks? Worried about corporate credentials being compromised? Have your employees been hooked by vishing attacks? Learn how SierraGold by SAI can help.
Are You Worried about Company Misdeeds? Try e-Discovery.
Is one of your employees being stalked at work? Worried about proving a sexual harassment case? Suspicious of an employee running a side gig on company time? Your call data records (CDR) contain a goldmine of information that may help you resolve these burning questions.
Does Your Enterprise Comply with the FCC Ray Baum’s Act?
Does your enterprise comply with the new FCC Rules? Ray Baum’s Act dictates that enterprises operating a multi-line telephone system (MLTS) must provide a dispatchable location with every 911 call. Learn how SierraGold by SAI InPut can help.