Real-life Cyberattacks Cases

Hacker Deepfakes Colleague's Voice in Phone Call to Breach IT Company.


A hacker used AI to counterfeit the voice of a colleague and infiltrate an IT company. The breach, involving 27 cloud clients, took place in August. The hacker began the intrusion by sending several employees text messages that claimed to be from a member of the IT team reaching out to address a payroll receipt issue preventing employees from receiving health coverage. Most employees who received the phishing message refrained from responding, except for one. The unsuspecting employee clicked on a URL in the message, which redirected them to a fake internet login portal. After the employee logged into the portal, which included a multi-factor authentication form, the hacker called the employee using an AI-powered deepfake.

Full story here.

What prevention measures can be taken to avoid these situations:

Cyberattacks are constantly evolving, and there is no way to eliminate them definitively. However, prevention measures and best practices can help avoid a cyberattack or mitigate the damage when one occurs. It is important to know how to act before, during, and after a cyberattack, both individually and as part of an organization. In this real case, the following best practices for prevention stand out:

Employee Awareness and Training

More than ever, cybersecurity awareness is crucial. Employees are a key part of an organization's success, and in this case, the cyberattack occurred because an employee was deceived. To avoid such situations, employees need to understand how cyberattacks develop, how attackers typically operate, and how to respond when they suspect a cyberattack. If all employees are informed about cybersecurity best practices, there is a lower risk of falling victim to deception.

Multifactor Authentication

Although the form requested a second factor, authentication was not 100% secure since the code was available on more than one device. Multifactor authentication is a secure and effective method; however, with the development of AI, it has shown various vulnerabilities that attackers have managed to exploit. In this case, the employee shared the code, but the attacker could still gain access because the code was visible on the devices where the login was performed. It is important to test all security methods and understand whether there is a way to circumvent them, so that they can be made increasingly secure and less likely to fail.

Email and Message Filtering

Implementing effective email and message filters is a feasible measure to detect and block phishing messages before employees receive them.

Regular Software and System Updates

It is important to keep all systems, devices, and software up to date. Regular updates and maintenance can be some of the most effective measures to prevent a cyberattack, especially in cases where there is a direct attack on the company's system.

Phishing Attack Simulation Tests

A good practice for preventing these types of attacks is to conduct simulation tests. In addition to employee training, conducting phishing attack simulation tests would be beneficial, as these are the most common types of attacks. This way, employees can put into practice what they have learned in training, know how to act in an attack scenario, and be better prepared, which could have been a crucial measure in this case.
