<div dir="ltr"><div><div dir="ltr" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr">
<table bgcolor="#ffffff" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td align="left" valign="top">
<table cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="border-top:0px solid rgb(0,0,0);border-bottom:1px solid rgb(255,255,255);background-color:rgb(255,255,255);text-align:center" align="center"><span style="font-size:10px;color:rgb(96,96,96);line-height:200%;font-family:verdana;text-decoration:none">Email
not displaying correctly? <a href="http://www.oplin.org/4cast/" style="font-size:10px;color:rgb(0,0,255);line-height:200%;font-family:verdana;text-decoration:none" target="_blank">View
it in your browser.</a></span></td>
</tr>
<tr>
<td style="border-top:0px solid rgb(51,51,51);border-bottom:0px solid rgb(255,255,255);background-color:rgb(255,255,255)">
<center><a><img id="m_1605951904586901259editableImg1" src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/4cast_email_header.png" title="OPLIN" alt="OPLIN 4Cast" align="middle" border="0"></a></center>
</td>
</tr>
</tbody>
</table>
<table style="width:763px;height:877px" bgcolor="#ffffff" cellpadding="20" cellspacing="0">
<tbody>
<tr>
<td style="font-size:12px;color:rgb(0,0,0);line-height:150%;font-family:'Gothic Sans',sans-serif" bgcolor="#ffffff" valign="top">
<p>
<span style="font-size:20px;font-weight:bold;color:rgb(0,0,0);font-family:arial;line-height:110%">OPLIN 4Cast #684: Vishing is the new phishing, and it's way more effective</span><br>
<span style="font-size:11px;font-weight:normal;color:rgb(102,102,102);font-style:italic;font-family:arial">September 2nd, 2020</span></p>
<p style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><img align="left" src="https://4cast.oplin.org/wp-content/uploads/2020/08/cell-phone-690192_1920.jpg" alt="Hands holding a cell phone" width="130" height="94" style="padding-right:14px;padding-top:4px;padding-bottom:4px">
The spelling of the word "phishing" was influenced by the earlier word "phreaking," which described the hacking of telephone systems. And now the word evolves further, because "vishing," <em>voice phishing</em>, is on the rise. Combining the tools of email phishing with the techniques of telephone scams, novice telecommuters are being tricked into giving up login credentials to their corporate networks.
</p><ul>
<li style="list-style-type:none">
</li><li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="https://krebsonsecurity.com/2020/08/voice-phishers-targeting-corporate-vpns/" target="_blank">Voice Phishers Targeting Corporate VPNs</a> [<em>Krebs on Security</em>] "One increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees."</li>
<li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="https://www.zdnet.com/article/fbi-and-cisa-warn-of-major-wave-of-vishing-attacks-targeting-teleworkers/" target="_blank">FBI and CISA warn of major wave of vishing attacks targeting teleworkers</a> [<em>ZDNet</em>] "The actors used social engineering techniques and, in some cases, posed as members of the victim company's IT help desk, using their knowledge of the employee's personally identifiable information—including name, position, duration at company, and home address—to gain the trust of the targeted employee."</li>
<li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="https://www.wired.com/story/phone-spear-phishing-twitter-crime-wave/" target="_blank">The Attack That Broke Twitter Is Hitting Dozens of Companies</a> [<em>Wired</em>] "The hackers' phishing site that allows that spoofing, unlike the kind usually linked in a phishing email, is usually created only for that specific phone call and is taken down immediately after the hackers steal the victim's credentials. The vanishing website and the lack of email evidence makes this sort of phone-based engineering often harder to detect than traditional phishing."</li>
<li style="text-align:justify;font-size:16px;font-family:arial;line-height:110%"><a href="https://fcw.com/articles/2020/08/21/johnson-vishing-cisa-fbi.aspx" target="_blank">Voice phishing attacks on the rise, CISA, FBI warn</a> [<em>Federal Computer Week</em>] "Recommended mitigation techniques include restricting VPN use to managed devices, restricting log in periods, and monitoring suspicious new domains that could be used to impersonate a company's internal help desk."</li>
</ul>
<div style="text-align:left"> </div>
<p style="text-align:left;font-size:20px;font-family:arial;line-height:110%"><small><strong><em>From the <a href="http://ohioweblibrary.org" target="_blank">Ohio Web Library</a>:</em></strong></small><br>
</p>
<div style="text-align:justify;font-size:16px;font-family:arial;line-height:110%">
<ul>
<li>Baron, Laura. “<a href="https://proxy.oplin.org:2111/login.aspx?direct=true&db=buh&AN=22696002&site=ehost-live" target="_blank">Gone Vishing</a>.” <em>Journal of Accountancy</em>, vol. 202, no. 3, Sept. 2006, p. 15.</li>
<li>“<a href="https://proxy.oplin.org:2111/login.aspx?direct=true&db=f5h&AN=23178847&site=ehost-live" target="_blank">Beware of Phishing--and Vishing</a>.” <em>Nursing</em>, vol. 36, no. 12, Dec. 2006, p. 66.</li>
<li>Turner, Myra Faye. <em><a href="https://proxy.oplin.org:2111/login.aspx?direct=true&db=nlebk&AN=1469435&site=ehost-live" target="_blank">The Young Adult’s Guide to Identity Theft : A Step-by-Step Guide to Stopping Scammers</a></em>. Atlantic Publishing Group Inc, 2017.</li>
</ul>
</div>
<div style="text-align:left"> </div>
</td>
</tr>
<tr>
<td valign="top" width="760"><span style="font-size:10px;color:rgb(96,96,96);line-height:100%;font-family:verdana">
<hr>
<div style="text-align:justify">The <strong><em>OPLIN
4cast</em></strong>
is a weekly compilation of
recent headlines, topics, and trends that could impact public
libraries. You can subscribe to it in a variety of ways, such as: <br>
</div>
<div style="text-align:left"> </div>
<ul>
<li style="text-align:justify"><strong>RSS feed.</strong>
You
can receive the OPLIN 4cast
via RSS feed by subscribing to the following URL:
<a href="http://www.oplin.org/4cast/index.php/?feed=rss2" target="_blank">http://www.oplin.org/4cast/index.php/?feed=rss2</a>. </li>
<li style="text-align:justify"><strong>E-mail.</strong>
You
can have the OPLIN 4cast
delivered via e-mail (a'la OPLINlist and OPLINtech) by subscribing to
the 4cast mailing list at
<a href="http://lists.oplin.org/mailman/listinfo/OPLIN4cast" target="_blank">http://lists.oplin.org/mailman/listinfo/OPLIN4cast</a>. </li>
</ul>
</span> </td>
</tr>
<tr>
<td style="text-align:center;font-family:'Century Gothic',sans-serif;border-top:0px solid rgb(255,255,255);background-color:#2c4587;color:#fff" valign="top" width="760">© 2020 Ohio Public Library Information Network<br>
<a href="http://www.slideshare.net/oplin" title="Find us on Slideshare" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/slideshare3.png" alt="Find us on Slideshare"></a>
<a href="http://www.facebook.com/oplin.org" title="Find us on Facebook" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/facebook_0.png" alt="Find us on Facebook"></a>
<a href="https://plus.google.com/107751358238995507967" title="Find us on Google+" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/google+.png" alt="Find us on Google+"></a>
<a href="http://www.twitter.com/oplin" title="Find us on Twitter" target="_blank"><img src="http://www.oplin.org/4cast/wp-content/themes/unlimited/assets/images/twitter_0.png" alt="Find us on Twitter"></a>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</div></div></div></div></div></div></div></div>