"FBI Warns of Increase in Vishing Attacks"

The FBI is warning that hackers are increasingly using voice phishing, also known as vishing, to target remote workers as a way to harvest VPN and other credentials to gain initial access to corporate networks.  After gaining access to the network, many adversaries found that they had the ability to escalate privileges of the compromised employees' accounts, which allowed them to gain further access into the network, often causing significant financial damage.  Security experts suggest that organizations should train employees on how to spot these phishing attempts.  The FBI is also advising organizations to deploy multifactor authentication and review whether the level of access employees have to certain internal systems and networks is appropriate.

Gov Info Security reports: "FBI Warns of Increase in Vishing Attacks"