Security Awareness – Vishing Campaign Impersonates Microsoft in Attempt to gain Remote Access

As if phishing emails weren’t enough, a new vishing campaign involves threat actors posing as Microsoft employees to trick victims into granting remote access to their devices. Vishing is a variation of phishing where the attackers speak with a victim over the phone. This vishing campaign was identified by the security firm Armorblox. This particular campaign begins with fake emails appearing to be invoices for a Microsoft Defender subscription – a subscription the victim never purchased, thus prompting them to place a phone call to “resolve.” A fake customer service representative then asks the caller to install AnyDesk so they could gain remote access to their device – presumably to accomplish any number of nefarious activity, including install malware or ransomware, steal login credentials or grab confidential information. Members are encouraged to share these campaigns in security awareness reminders to staff to help increase organizational resilience against these and other types of phishing. Access more highlights at TechRepublic or read the original blog post at Armorblox.