This is a simple case of a malicious actor asking for access, and the victim is handing access over. QuickAssist, ScreenConnect, TeamViewer, Teams, Zoom, etc all have been used for this purpose.
It no sounds like it starts with a vishing phone call. Lots of people will ask Microsoft to fix this somehow, but no one ever seems to blame the phone services or demand they fix it.
Couldn’t agree more. I have no idea why phone companies are not being held accountable for allowing this. For email, it’s a solved problem. Why not phone?
Add comment