Vishing 101: Inside the Mind of a Hacker

CEO Bart McDonough shares his story about the time he posed as a Bloomberg employee and gained remote access to every computer at an NYC-based investment firm.

Cybersecurity awareness training is a must-have for your employees. Contact us, we can help educate your end users on how to spot and evade an cyber-attacks—so your firm doesn’t become another cautionary tale.

Transcription:

So we looked up Bloomberg, and we started calling them. You can change the display name on your phone to show up as whatever you want. So we call them from Bloomberg.

“Hey this is Bart from Bloomberg. I just talked to Joe your CTO.”

How did we look that up? It was on their website.

“Just talked to Joe. We realized there’s a cybersecurity issue. I need to get on your computer to fix something with regards to your Bloomberg, but if now’s not a good time that’s fine.”

So I wasn’t super aggressive.

“I just need you to know that by 4 o’clock your Bloomberg will stop working.”

Because investment people don’t care about their investments and what the prices are going to be. They don’t care about that, right?

So they said, “Fine, fine, fine. How long will it take?”

Bart from Bloomberg: “In five minutes you’ll be fine.”

So we sent them a link. They click on it. We’re on their machine. We were 27 for 27.

We call number 28, and he is onto us. Older gentleman. Super grumpy. He wanted nothing to do with this call. Getting a little hostile. A little irate. Just as he was about to hang up, the partner that sat next to him was walking by and said, “Oh are you on with Bart from Bloomberg? It’s super easy, let me just show you. It took a second.”

He jumped in and did it. Kicked grumpy pants out of the way, and we got on. 28 for 28. We got on all of their computers. Physically, albeit remotely. They didn’t see it. We were actually on their computers.

“I just need you to know that by 4 o’clock your Bloomberg will stop working.”

Because investment people don’t care about their investments and what the prices are going to be. They don’t care about that, right?

So they said, “Fine, fine, fine. How long will it take?”

VIEW MORE

Share post

LinkedInTwitterFacebookEmail
LIMITED TIME OFFER
Get 25% off XDR when bundled with Managed IT.
Did you know that firms that bundle managed IT and XDR with Agio are 80% less likely to have a vulnerability escalate to an incident than those who take only one service? Let's get you protected.
Let's get you protected.
Offer valid until 12.13.21

Testing normal
popup heading

Lorem ipsum dolor sit amet, consectetur adipiscing elit. In id magna viverra, accumsan dui vel, dapibus tortor. Mauris ac bibendum enim, eget volutpat ipsum. In pretium finibus ante, a volutpat purus. Maecenas diam ipsum, euismod id magna quis, aliquam sodales mauris. Maecenas sed lectus tellus. Sed bibendum vestibulum neque, sit amet blandit tellus tincidunt a. Proin condimentum odio eget ante venenatis, ut euismod lorem viverra. Nulla et odio quis ante tempus mollis.

Maecenas euismod, tortor id elementum sollicitudin, augue dui tempor felis, quis egestas neque purus id nunc. Etiam commodo enim libero, et viverra enim finibus non. Vivamus sed suscipit quam, vel mattis urna. Aliquam erat volutpat. Proin accumsan leo elementum finibus cursus. Suspendisse potenti. Donec tempor nisi mauris, elementum viverra magna rhoncus non. Integer sit amet velit non elit maximus venenatis nec id ipsum. Pellentesque velit mi, pellentesque eget lectus vel, sagittis vehicula lorem. Ut vel mi viverra, mattis ante in, sodales lacus.