Newsletter Content

Scammers Come at You From Every Direction

Scammers Come at You From Every Direction

Imagine this scenario: you’re going about your daily tasks when you receive an email from a cybersecurity company claiming that you have become the target of a hacking attack. Now, you don’t work in IT, so you’re not sure what your security agency is or what security policies or procedures you have in place, so you trust the message and respond to the email. Unfortunately, the message came from a cyberthreat, and now you are on their hook, line and sinker.

Cyberthreats Can Masquerade as Cybersecurity Companies

Believe it or not, hackers have the gumption to impersonate cybersecurity companies and trusted resources in an attempt to subvert even the most careful employees. One such phishing campaign has been detailed by the security researchers at CrowdStrike, a company who has had their name dragged through the mud by cyberthreats impersonating them. This particular campaign had users calling a fake helpline to get support, which in this case means that the hacker remotes into a victim’s computer while the user is helpless on the other side of the line.

The worst part is that for someone who isn’t necessarily scrutinizing the message, it could be seen as legitimate. The email contains language about outsourced security providers, something which is increasingly common nowadays, abnormal activity, and potential compromise, all of which could be misconstrued as true if you aren’t careful. The phony email contains a case number and contact information to address the concern. When the victim calls the number, the hacker installs a remote access tool onto their device, allowing them to gain access to the device at their leisure.

What’s the Motive?

As for the motive behind such an attack, it’s not necessarily clear at the moment. It could be that the attackers simply want to infect systems for later remote access. It is also possible that they want to profit off these infections by selling access to infected devices to the highest bidder. In any case, it’s a dangerous situation to be in, and certainly one that you should be wary of.

What Should You Do?

In just about all circumstances, your security company or department is not going to contact you in the way addressed above. It’s incredibly important that your employees know this, too. To keep you from making the same mistakes outlined above, we recommend you do the following:

  • Verify the sender’s identity through secondary methods
  • Look for spelling errors, grammatical issues, or inconsistencies
  • Contact your own IT department, not the one in the email

White Mountain IT Services can be your trusted IT resource, and we promise we won’t have you call some phony support line to get the help you need to secure your infrastructure. We’ll take care of the details behind the scenes so that you barely have to worry about it in the first place. To learn more about what we can do for your business, reach out to us at 603-889-0800.

Onsite Service Coverage Area

Although we provide remote services and support to businesses in over 20 states, onsite services are limited to within reasonable driving distance from our offices in NH.  We will manage a local vendor for locations outside of our service area to provide onsite assistance when needed.

 

Onsite Computer Support Services are available to businesses within 60 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH, and then down into Boston. From Northern and Central Mass, we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.

White Mountain IT Services

 


33 Main St, Suite 302
Nashua, NH 03064

 


121 Riverfront Drive
Manchester, NH 03102

 

Client Help Desk
603-889-2210

 

Open Positions