Show Notes

Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/
Follow on Twitter: twitter.com/IDTheftCenter 

Show Transcript

Not Remotely Funny

Welcome to the Identity Theft Resource Center’s (ITRC) Weekly Breach Breakdown for February 18, 2022. Our podcast is possible thanks to support from Experian. Each week we look at the most recent events and trends related to data security and privacy. We are nearing the two-year mark for the global pandemic sending most of the U.S. workforce home to spend hours a day on Zoom calls. This has given rise (finally) to some terrible puns about working from home – most of them are not remotely funny. Get it? Remotely funny…work from home…anyway…we will be talking about a cyber risks targeting those using virtual meeting apps: business email compromise (BEC) attacks.

The Rise in Remote Work

At the height of the COVID-19 related lockdown, about 70 percent of full-time workers were remote. That’s dropped down to about one in four today. However, Gartner's research shows that 80 percent of the in-office and remote workforce still rely on Zoom and Microsoft Teams for the bulk of their interactions.

The Cyber Risks in Working from Home

Anytime there is a significant shift in how organizations and consumers go about their business, there is often a cybercriminal waiting to exploit the new way of doing things. There was much fear about the cyber risks associated with remote workers accessing office networks from home at the beginning of the pandemic. However, as it turns out, there is a bigger risk: cybercriminals posing as executives in virtual meetings on Zoom and Microsoft Teams or attaching malicious files in the chat functions of collaboration apps, especially Microsoft Teams.

New FBI Report on Business Email Compromise Attacks

This week the Federal Bureau of Investigation (FBI) issued an alert that identity criminals were launching BEC attacks against businesses using virtual meeting apps. The scams involve criminals tricking company employees into transferring money by pretending to be the CEO or CFO of the business. One attack vector noted by the FBI involves hijacking an executive’s email to invite employees to a virtual meeting, then using the chat function or email to request a funds transfer. The fake executive posts a picture of the real company leader but claims their internet connection is bad and they can’t turn on their camera or audio.

There have also been reports on BEC attacks where criminals use stolen email login and passwords to join virtual meetings to gather intel they can use later to prove they are who they claim to be – even when they are not. Meanwhile, cybersecurity researchers reported finding a campaign where cybercriminals are putting malicious files into the chat area of Microsoft Teams. When someone participating in the virtual meeting clicks on the attachment, malware is opened that can eventually take over the user’s computer. 

The Evolution of Malware & Business Email Compromise Attacks

Both of these attack vectors, a BEC attack or a malware attack, represent another innovation on the part of cybercriminals. It’s not especially difficult to get access to one of the virtual meeting platforms once you have someone’s email credentials. Once in Zoom or Microsoft Teams, a few additional security protocols prevent malicious files from being shared, and most users trust the platform without question. They see a link in the chat, and they click on it. They see the boss on the screen, even if they can’t see or hear them, and they do what they ask. The bad guys know it.

How to Avoid Malware & Business Email Compromise Attacks

The best way to avoid falling victim to these new forms of BEC attack is to follow well-established best practices for avoiding phishing scams or malware attacks: don’t trust any link, file, or request until you have verified it is legitimate. 

Contact the ITRC

If you want to learn more about cybersecurity practices, how to protect your personal information, or if you think you have been the victim of an identity crime or compromise like a BEC attack, visit our new website www.idtheftcenter.org. From there, you can speak with an expert Identity Theft Resource Center (ITRC) advisor on the phone (888.400.5530), chat live on the web, or exchange emails during our normal business hours (Monday-Friday 6 a.m.-5 p.m. PST).

Be sure to join us next week for our sister podcast, The Fraudian Slip, when ITRC CEO Eva Velasquez and Seth Sattler talk about the identity risks and rewards of cryptocurrency.

Thanks again to Experian for supporting the ITRC and this podcast. We will be back in two weeks with another episode of the Weekly Breach Breakdown.