The massive hack of MGM casinos, est. $100m in damages, was caused by a social engineering attack in which a caller to the company’s IT support team tricked them into “resetting” the caller’s password.
This prompted the interesting observation from rAVEe Pubs that many younger tech employees rarely talk on the phone and are uncomfortable doing so. “I’m not here to pass judgment on this trend, but it is important to train your staff to be competent using the telephone, even if they “don’t like phone calls.” They need to be able to detect social engineering of all forms, not just email phishing scams. Users need to know about phone phishing scams, vishing, and social engineering using text messages, which is known as SMS phishing or smishing,” reports the article.