The Federal Bureau of Investigation (FBI) has issued a notification warning of ongoing vishing attacks attempting to steal corporate accounts and credentials for network access and privilege escalation from US and international-based employees.
Vishing (also known as voice phishing) is a social engineering attack where attackers impersonate a trusted entity during a voice call to persuade their targets into revealing sensitive information such as banking or login credentials.
According to the TLP:WHITE Private Industry Notification (PIN) shared on Friday [PDF], the threat actors are using Voice over Internet Protocol (VoIP) platforms (aka IP telephony services) to target employees of companies worldwide, ignoring their corporate level.
Read more…
Source: Bleeping Computer