Call Us
0808 164 4142
ServiceDesk
Blog
Careers
Contact Us

Wednesday, 27 November 2024

Impersonation in Action: How Fake IT Support Threatens Your Security

Learn how social engineering exploits IT support impersonation to compromise security and discover Grant McGregor's solutions to protect your organisation from these sophisticated attacks.

In the world of cybersecurity, there are few threats as deceptively simple yet devastatingly effective as social engineering. These attacks exploit the human element - tricking individuals into granting access, revealing sensitive information or performing actions that compromise their organisation’s security.

The sophistication of these tactics is growing, underscoring the importance of robust security measures like Grant McGregor’s Enhanced Security Service (ESS) which includes Bitdefender’s Managed Detection and Response (MDR).

 

What is Social Engineering?

Social engineering involves manipulating individuals to bypass standard security protocols. Threat actors often pose as trusted figures - such as IT support staff - to deceive victims into granting access to systems or data. Microsoft Teams and Quick Assist, commonly used collaboration and remote support tools, have recently been exploited in these schemes.

 

cyber security risk

 

Recent examples of Social Engineering in action

Bitdefender’s MDR teams have observed campaigns where attackers impersonate IT support personnel on Microsoft Teams. These criminals use seemingly legitimate Teams calls or messages to:

  • Query credentials or create new user accounts.

  • Send malicious links disguised as internal communications.

  • Encourage users to install tools like Quick Assist for remote access, which attackers then exploit to deploy ransomware or other malware.

For example, attackers linked to the Black Basta ransomware group have inundated users with spam messages and phishing attempts, pretending to resolve “system issues” through these platforms. Once trust is gained, they use Quick Assist to escalate privileges and execute malicious activities.

 

Why it matters

These attacks highlight the need for organisations to remain vigilant about seemingly trusted communication tools. Teams and Quick Assist are essential for modern workflows but are also prime targets due to their ubiquity and trusted status within organisations.

 

Key Risks include:

  • Credential Theft: Impersonation allows attackers to gather usernames, passwords, or even MFA tokens.

  • Malware Deployment: Tools like Quick Assist can serve as vectors for ransomware or other threats.

  • Data Leakage: Sensitive information shared within these platforms can be intercepted if adequate protections aren’t in place.

 

How we can help your business

Grant McGregor’s ESS, which works with Bitdefender’s MDR, offers advanced solutions to detect and neutralise these threats before they cause harm. With monitoring, anomaly detection and rapid response capabilities, ESS provides a shield against evolving threats.

 

Enhanced Security Service

Key Features of Bitdefender MDR:

  • Continuous Monitoring: Global security operations centres watch for unusual activities, such as unexpected remote access or phishing attempts.

  • Rapid Response: Pre-approved actions enable swift containment of attacks.

  • Collaborative Intelligence: Bitdefender collaborates with vendors and researchers to stay ahead of emerging threats.

 

How to Stay Secure:

Organisations can also adopt best practices to minimise the risks associated with social engineering:

  1. Enable Multi-Factor Authentication (MFA): Strengthen access controls for Teams and other Microsoft services.

  2. Educate Employees: Train staff to identify phishing attempts and verify suspicious requests through alternate channels.

  3. Restrict Quick Assist Usage: Limit this tool to authorised IT personnel and disable it for general users.

  4. Monitor Remote Access: Use tools like ESS to log and analyse remote access patterns.

  5. Encourage Reporting: As we discussed in our recent blog, organisations need to foster a culture where employees feel empowered to report suspicious activity without fear of repercussions.

IT support frustrated

Social engineering attacks are a stark reminder that cybersecurity is as much about people as it is about technology. By leveraging Grant McGregor’s Enhanced Security Service, which includes Bitdefender MDR, organisations can stay one step ahead of attackers, safeguarding their assets and reputation.

For more information on our Enhanced Security Service, visit Grant McGregor ESS today.

 

What next?

Call us: 0808 164 4142 

Message us: https://www.grantmcgregor.co.uk/contact-us

Contact Us

 

Recent Posts