Cybercriminals use various social engineering attacks to impersonate trusted organizations and steal employee login credentials and sensitive corporate information, the Federal Bureau of Investigation (FBI) warns.
The latest Private Industry Notification (PIN) cautions enterprises and workers about the versatility of threat actors attempting to exploit the work-from-home workforce and potential security shortcomings.
“The FBI has noticed a shift in cybercriminal strategy to gather and compromise employee accounts, regardless of what corporate position a worker may hold,” the PIN reads. “Cyber criminals are trying to obtain all employees’ credentials, not just individuals who would likely have more access based on their corporate position.”
