New Social Engineering Scenarios from Kevin Mitnick Allows IT Managers to Curb Automated Vishing Attacks
Tampa Bay, FL (Sept 16, 2014) -- KnowBe4 has announced the release of its automated Voicemail Phishing Security Test module, the first of its kind, giving IT Managers the ability to test users on social engineering via the phone. As criminals have expanded their repertoire, moving into new territory with automated voicemail phishing (vishing) attacks, KnowBe4 has countered with a new module loaded with five Kevin Mitnick VST Scenarios™ that can be used to keep users on their toes with security top of mind.
“Cyber criminals have moved into fully automated types of attacks, utilizing open source tools that allow thousands of dials per hour, attempting to trick end-users into giving out confidential information like their voicemail pin number, bank account and credit card information, and/or healthcare related data”, said Stu Sjouwerman, CEO of KnowBe4. “We now have a tool that can help arrest a user’s inclination to provide information.”
KnowBe4 customers will be able to upload a CSV file with employee phone numbers, choose a VST template, and start the campaign set-it-and-forget-it, very similar to the existing phishing security test campaigns KnowBe4 currently provides. The new Vishing Security Test (VST) now trains employees against social engineering attacks via the phone on their desk. If an end-user enters data via the telephone keypad in response to the VST, that means a “fail” which can be used as a reason for a short remedial training module.
“We’ve seen a massive increase of phishing and ransomware attacks in 2014 over previous years and cybercriminals are constantly looking for new ways to invade a network”, adds Sjouwerman. In KnowBe4’s recent September 2014 poll, nearly 90% of 300+ IT managers surveyed said they saw phishing attempts get through their filters every month. Frequent, effective Security Awareness Training is now an essential layer that can help data breaches like the recent Home Depot or JP Morgan Chase hacks.”
Individual employees may be targeted for seemingly innocuous information in a vishing scam and are caught unaware, providing key credentials or a way in to steal corporate data. KnowBe4 trains users on these new scenarios and how to recognize and avoid such social engineering attempts.The module plugs into the new KnowBe4 V3.5 cloud-based Admin Console for quick and easy deployment.
About Kevin Mitnick
Kevin Mitnick is an internationally recognized computer security expert with extensive experience in exposing the vulnerabilities of complex operating systems and telecommunications devices. He gained notoriety as a highly skilled hacker who penetrated some of the most resilient computer systems ever developed. Today, Mitnick is renowned as an information security consultant and speaker, and has authored three books, including The New York Times best seller Ghost in the Wires. His latest endeavor is a collaboration with KnowBe4, LLC.