The Department of Homeland Security issued a warning last week that is very unsettling for businesses to think about. They have determined that hackers have figured out a way to spoof IT providers and their relevant security measures. This means that a mistimed click can ruin both you and your internet security.
There are many scams associated with this type of breach, the most basic will go after you directly. Using social engineering, they will find your number, call you, and say that they are a local business and ask you for a recommendation for an IT service for them to use. Once satisfied, they go through the various social media outlets to find out more about your company and your IT provider. Then they call back the next day, identifying as your IT provider. At this point, they will ask for people in your company who have administrative or financial access to your company’s information. If successful, the victim will allow the remote access, falling for the ruse that the IT’s normal access points are down. The result is that the hacker has accessed Everything, ruining the reputation of the IT company. Alternatively, they can do the opposite and call your provider posing as a member of your company and do the same thing.
There are three import precautions that you should remember. The first is that most IT providers already can remote access your machine once you have access to their specific client. Second, if someone is asking for access to your computer don’t give them access and immediately call your provider to report the incident. Finally, be vigilant and never open emails or answer phones from suspicious links or numbers.
For more on our Cyber coverage options: Click Here
DHS Warning: https://www.msspalert.com/cybersecurity-news/dhs-warning-msps-csps/