Organizations are increasingly facing cybersecurity threats where attackers use social engineering tactics to bypass security controls. A current trend involves targeting IT help desks and call centers with techniques like voice-altering technology and publicly available information to impersonate employees. These attackers aim to trick support personnel into resetting passwords and redirecting multi-factor authentication (MFA) codes to unauthorized devices, gaining access to sensitive systems.
To counteract this threat, organizations should be vigilant about all requests, especially those made over the phone, and ensure secure protocols are in place to prevent unauthorized changes to passwords and MFA credentials. IT and help desk personnel are encouraged to remain cautious and to double-check the identity of any individual requesting authentication modifications, as these may be attempts to exploit internal systems.
Raising awareness among all staff, especially those handling support requests, and emphasizing thorough identity verification can significantly reduce the risk of unauthorized access. For best practices and further information on preventing social engineering and phishing attacks, refer to resources provided by the U.S. Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA).
Benefit Allocation Systems (BAS) provides best-in-class, online solutions for: Employee Benefits Enrollment; COBRA; Flexible Spending Accounts (FSAs); Health Reimbursement Accounts (HRAs); Leave of Absence Premium Billing (LOA); Affordable Care Act Record Keeping, Compliance & IRS Reporting (ACA); Group Insurance Premium Billing; Property & Casualty Premium Billing; and Payroll Integration.
MyEnroll360 can Integrate with any insurance carrier for enrollment eligibility management (e.g., Blue Cross, Blue Shield, Aetna, United Health Care, Kaiser, CIGNA and many others), and integrate with any payroll system for enrollment deduction management (e.g., Workday, ADP, Paylocity, PayCor, UKG, and many others).