Vishing, or voice phishing, is using the telephone to conduct phishing attacks. This week, Las Vegas casino organizations, MGM and Caesars both had incidents of cyber attacks. For MGM, how did they get in? – a 10-minute phone call to a help desk searching for credentials. Don’t let this happen to you!
We’ve all gotten the phone calls about extended car warranties or that “free” vacation. But vishing goes far deeper than that. While we are still waiting on confirmation on the exact attack vector for the casinos, it is reported that the hackers looked on LinkedIn to find employees of MGM, and then called the help desk to request assistance in logging in. With stolen credentials, they were in within 10 minutes.
Think about the calls you get and if they are legit. Most reputable companies, especially banking institutions, will not ask for your username and password. Protect your credentials as if they are actual money because they are highly valuable.