If “vishing” is a new word in your vocabulary, then you need to learn about it ASAP!
Security attacks come from every direction. I estimate that we have 3-5 weekly electronic attacks attempting to hijack our website using standard logins and passwords that many people forget to change. These come from all over the world, and it seems that “SDS.io” is a name in demand. We have also experienced hacks against our Email system, electronic phishing attempts from Emails that look like they come from an official Microsoft Email, and on and on. If somebody dropped a thumb drive in your parking lot, would you stick it in your computer to see what is on it? You may regret it later. Thumb drives are a simple way to spread viruses throughout an organization. Hacking doesn’t have to be this sophisticated. Sometimes a social attack is the simplest way into your personal life.
Vishing is a voice phishing scheme wherein the hacker attempts to convince somebody in the organization to do something for them claiming to be somebody who they are not. Want to see this in action? Prepare to be astounded at how easy it is for somebody to change your cell phone credentials… Vishing Made Easy. Don’t believe it is this easy? Social Hacking has great power, especially when Caller IDs can be spoofed to look like they are coming from within the organization. Here is another example combining Caller-ID spoofing and Vishing… Caller ID Spoofing.
The entire organization needs to be security conscience. There are many sophisticated systems to detect attempted security breaches, but the simple social attack is just as effective.
The bottom line… spend a little time training your workers to be security aware. Your systems can only protect you to a certain level.