New Vishing Attack Targets 160,000 End Users: Armorblox

As tax season approaches, cybercriminals are getting more creative in their attempts to steal sensitive information. Armorblox has released its newest research on the latest attack that impersonated one of the most trusted government entities in the US, the Social Security Administration, in an attempt to prey on the trust and uncertainty that many end-users experience during tax season.

These emails, targeting over 160,000 end users of a large educational institution, bypassed native email security.

How it Works: In this attack, end users were presented with an email, from what appeared to be the Social Security Administration, notifying them of suspicious activity that requires immediate action. For recipients who opened the attachment, they were welcomed with a blunt account suspension letter on what looks like official SSA letterhead. The end goal of this targeted vishing email attack was to get victims to open the email attachment, call the customer support number included, and render personal information.

You can read the research here.

Leave a Reply

%d bloggers like this: