Is it Really Your IT Company or is it a Cybercriminal?
Social engineering attacks are used by cybercriminals to steal your sensitive information. During these attacks, cybercriminals try to impersonate companies or people you may know to trick you into giving over your information.
In the latest attack, Coinbase, was a victim of a social engineering attack. Cybercriminals sent over smishing messages to the Coinbase employees and these messages contained a link for them to login to their company account. Coinbase’s IT team did block the cybercriminal from gaining access after an employee tried to login using the link. The cybercriminal did take this block into their own hands and called the same employee who tried to log in from the link. The cybercriminal claimed to be Coinbase’s IT Department to trick the employee. That employee fell for the cybercriminals tactics and gave sensitive information to them over the phone.
Tips:
- Always verify! If you get an unexpected text or phone call claiming to be someone or company, hangup and call your IT department directly.
- Be on high alert and always think before you click! Hover over links to see where they are going and slow down. Cybercriminals want you to act impulsively.
- Be cautious with unexpected text messages, phone calls and emails.
Learn more tips like this and train your employees with our Security Awareness Training Program.