15/2016Chris Zachar—Senior Consultant • 7/
The FBI reports the Internet Crime Complaint Center (IC3) is receiving an increase in complaints related to Technical Support Scams in the public sector. IT professionals have been battling this type of social engineering attack at the corporate level for years. Tech support scams are particularly dangerous because a user would not consider it unusual for support personnel to request remote access into a computer. The social engineer could then gain access to a network.
Common topics for scams include a mailbox quota has been reached, an account failure has occurred, a software download to access an encrypted email is needed, a file download to a shared folder is available, or maintenance has been scheduled. The user may be told that immediate action must be taken or account access will be disabled. Users who click a link or open an attachment may download malware or activate a ransomware attack.
Tech Support attacks are successful because the threat of losing access to one’s email or data is easily understood, would be a likely consequence for the situation posed by the social engineer, and would have a critical impact on most people’s lives. Many users respond quickly, without taking time to evaluate the scam email or call.
How can you combat Tech Support Scams?
- Obtain User Buy-in. Explain to users that the ability to identify Tech Support Scams will protect them personally as well as professionally. Users who practice caution at work are more likely to be cautious at home. They can use what they learn to educate their family members, too.
- Standardize Your Communications. Adopt a communication standard so users can easily identify your messages. Using existing successful communication methods, such as newsletters and intranet postings, show users what your real communications look like. Remind users that any restricted account access can be restored by your IT Department.
- Educate Users About Incident Response Protocols. Teach users what to do if they encounter suspicious email. Follow up on reports so users know they are taken seriously.
- Monitor Spam Reports to Identify Trends or Attacks. Besides helping you block attacks, alerting users about trends allows you to utilize your Human Factor for additional protection.
- Test Users to Understand Your Risk and Identify Your Training Needs. Target training to where it is needed.
PhishLine offers a full line of technology related emails and Interactive Voice Response (IVR) applications. Our Awareness Landing Pages offer in-the-moment training for users who perform undesirable actions during an email test. Training content from PhishLine and our partners can help you further educate your users about how to identify and react to social engineering attempts. Our Phish Reporting Button makes it easy to report suspicious mail, and our Incident Response Dashboard can help you sort, analyze, and assign dispositions to your test campaign and real phishing mail. Please contact us to learn more.