4/13/2023 0 Comments Anydesk app fraud detection![]() Techniques used: Social engineering, brand impersonation, replicating existing workflows, vishing (no URLs in email), using a Gmail address, omni-channel attack flowįig: A variant of the Microsoft vishing email with minor changes to the email body Vishing Flow Target: A cloud collaboration software companyĮmail security bypassed: Google Workspace email security Now let’s focus on the attack at hand: Summary Armorblox has recently covered Amazon and tech support vishing attacks. Calling the listed number led to a vishing flow where the attacker tells the victim to install AnyDesk for an attempted Remote Desktop Protocol (RDP) attack.īefore we go through the attacks in greater detail, a brief description of vishing for the uninitiated: vishing (or voice phishing) is a type of scam where malicious actors steal personal information from victims over the phone or by leaving fraudulent voice messages. ![]() ![]() The email sent fake order receipts for a Microsoft Defender subscription and included phone numbers to call for processing order returns. ![]() In today’s Blox Tale, we will look at a vishing (voice phishing) attack that impersonated Microsoft and attempted to steal victims’ credit card details. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |