The Friendly Face of Cybercrime
The recent MGM breach serves as a wake-up call for businesses of all sizes – especially MSPs – emphasizing the urgent need to defend against social engineering threats.
As an MSP owner, you’re no stranger to the cyber threat landscape – how it’s constantly evolving and shifting as cybercriminals find new ways to make honest, hardworking citizens’ lives a living nightmare. But one truth remains, and it’s a truth we’re revisiting in this blog post:
Cyberattacks are not always launched by an act of technical wizardry or digital deception. Oftentimes, they begin with a simple phone call, and wear a friendly face – and that’s what makes them truly scary.
The Friendly Face of Cybercrime
For most people, the word “hacker” conjures an image of a guy typing furiously in a dark basement, pausing only to rub his palms together and cackle like a movie villain.
But the truth is, cyberattacks often wear a much friendlier face – and that’s what makes them so effective.
Take the recent attack on MGM – a devastating breach that has cost the casino giant $52 million in lost revenue (and counting). Plus, think about the reputational damage!
It started with a 10-minute phone call. The threat actor – purportedly part of the ransomware gang ALPHV – found an MGM employee on LinkedIn, called the help desk pretending to be that employee, and asked for a password reset.
And just like that, this cybercriminal gained access to MGM’s network.
Social Engineering – The Biggest Threat to Your MSP
The threat actors responsible for the MGM breach used “social engineering” (a fancy term for tricking people).
Social engineering doesn’t rely on technology; it relies on human nature – on how much trouble we have saying “no” to someone who is polite, convincing, friendly.
It turns out we have A LOT of trouble with this, which explains why 98% of cyberattacks use some form of social engineering!
And when 43% of all cyberattacks are on small to medium-sized businesses (SMBs), having a robust defense against social engineering isn’t just a good idea; it’s a necessity.
ID 20/20 – Your Solution Against Social Engineering
You can’t change human nature, but you can give your MSP a tool that stops social engineering attempts in their tracks.
Our patented ID 20/20 software is purpose-built for MSPs, delivering a user-friendly, cost-effective, and supremely effective defense against social engineering threats. We understand that MSPs require robust tools not only to protect their own sensitive data but that of the businesses they serve, and failure to do so could lead to catastrophic breaches with far-reaching consequences. You are in effect a gateway to a whole network of organizations and a veritable treasure trove of sensitive information.
How does it work?
ID 20/20 enlists MFA (multi-factor authentication) to verify a live caller’s identity.
When “John” calls your MSP’s help desk, how do you know it’s really John?
If you have ID 20/20 software, a code is sent to so-called John’s email or cell phone. If “John” can’t verify the code, there’s a good chance he’s not really John.
The whole thing takes less than a minute, requires zero downloads, and will protect your MSP – and your clients – against the most common type of cyberattack. We’re confident that if MGM had implemented a solution like ID 20/20, they could have sniffed out the threat actor right away and saved themselves millions.
We’ve made ID 20/20 cost-effective for small and mid-sized MSPs, convenient for your end clients, and the last thing hackers want to encounter when they come for your business.
Click here to discover why ID 20/20 is quickly becoming the go-to live caller verification tool for SMBs across the country, and a popular choice for MSPs of all sizes. If you’re interested in using ID 20/20 at your MSP business, you can schedule a call and we’ll go from there!
Do we hope your organization decides to use ID 20/20 as a defense against social engineering attacks? Of course! We’re proud of the tool and know it makes MSPs and the businesses they serve immeasurably more secure.
But whatever you decide to do, please – PLEASE – don’t do nothing. Social engineering attempts are rampant and they’re wreaking havoc in both public and private sectors. Make today the day you took a stand.