Bengaluru: Barely two days after acknowledging that it was the victim of a ransomware attack, Cognizant is now facing a phone phishing attack. While the former disrupted both its own and client operations, the company has so far managed to fend off the latter.
After a few employees got calls, the corporate security team was alerted which promptly cautioned the staff. Phishing is an attempt to steal information through email or phone by pretending to be a person or organisation the receiver trusts. The indication in this case is that the callers are pretending to be IT staff and saying they are cleaning/updating systems and mitigating the impact of the ransomware attack.
Cognizant CFO Karen McLoughlin,in an email to employees, said, “We have an active phone-based phishing attack in progress targeting portions of our company. To protect our company and clients, it is essential that you do not follow directions from or provide information to a suspicious caller.” She said for the attack in progress, “associates are being asked to update their updates via a LogMeIn session. Do not take any actions on this as it is an attempt to take control of your system.”
The firm said it is strengthening security for key applications. “You will be required to enter a multi-factor authentication code when accessing Winzone (Salesforce) or PeopleSoft,” it said.
When TOI contacted Cognizant, its spokesperson said, “We have and will continue to routinely notify our employees to remain vigilant about so-called ‘phishing’ attempts. Cybercriminals are known to attempt to use company developments and global events as opportunities to attempt to gain access to credentials and we are no different than other organisations being targeted in this way. Our security teams constantly monitor for suspicious activities and take appropriate actions, including company-wide communications on security best-practices.”
The earlier Maze ransomware attack involved internal systems. In a US SEC filing, Cognizant said although it’s in the early stages of assessing this incident, the attack has caused and may continue to cause an interruption in parts of its business and may result in a loss of revenue and incremental costs that may adversely impact its financial results.
Click her for the original source of this story.