Has Vishing Hooked Your Employees?

Covid has been a godsend for nefarious actors. With remote work on the rise, IT departments are finding it harder and less convenient to monitor all access to corporate networks. 

Nefarious actors are using this opportunity to gather or “phish” for corporate credentials. Many are using the telephone to gather this information. Collecting  private or privileged information by phone is known as “voice phishing,” or “vishing” for short.

And, it is serious. As outlined in this HIPPA Journal article, the FBI has even issued a warning about the spike in vishing attacks.

What Exactly Is Vishing?

Vishing for Credentials

Vishing is defined as the fraudulent practice of making phone calls or leaving voice messages purporting to be from reputable companies. These calls are made in order to induce individuals to reveal personal information, such as bank details, credit card numbers, or passwords to critical accounts.

Vishers often make calls to random numbers, but savvy actors know calls are more productive if they are targeted.

What Harm Can Vishing Do To My Company?

Consider for example calls coming into a memory care unit. If a nefarious actor can obtain access to incoming phone numbers, he can then do a reverse lookup for names. The result is a list of people seeing the memory care specialists.

This bad actor can then use or sell that list to another set of nefarious actors who conduct vishing attacks to scam this vulnerable demographic out of their money.

Another example is identifying rich investors dialing into a financial company’s preferred investor relations department. Valuable information can also be obtained from life insurance companies, reverse mortgage companies, senior living facilities… You get the idea.

Vishing for Dollars

How Do These Bad Actors Obtain My Data?

Vishing is a social engineering tool used to gain access to credentials. And, as noted in the HIPPA Journal article, vishers are starting at all levels of the organization, wherever they can obtain a foothold. From there, they slowly work their way into more inclusive credentials.

If not properly secured, nefarious actors can gain access to your CDR records by using the credentials obtained through vishing and other means. Once CDR is obtained, they can extract phone numbers and reverse lookup the names.

How Does SierraGold by SAI™ Help?

SierraGold by SAITM helps ensure allocated extension information does not fall into the hands of bad actors. Bad actors that hope to gain your company’s phone extensions to go on a vishing attack.

To protect critical data, SierraGold uses a telecom switch’s built-in method of securely transferring CDR. An example method is Cisco’s built-in secure FTP transfer.

For switch types that do not have built-in secure transfer methods, SAI provides their patented NetSafe™ solution. NetSafe™ collects CDR within the customer’s network. It then transfers the data to SAI’s data center via secure FTP. Your data are always protected.

Looking to Secure Your CDR Against Vishers Prying Eyes?

Vishing with Prying Eyes

Looking to secure your organizations CDR against vishing attacks and vishers prying eyes?

SierraGold by SAI™ has been protecting our customers’ CDR for more than 30 years, long before the term “vishing” was coined.

Contact us today to learn how SierraGold by SAI has helped numerous large, Fortune 500 companies protect their data from the prying eyes of nefarious actors.

CONTACT US

Other Posts Related to Security and Compliance

Thank you for your message. It has been sent.
There was an error trying to send your message. Please try again later.
2022-02-28T14:12:04-08:00
Go to Top