This is a simple case of a malicious actor asking for access, and the victim is handing access over. QuickAssist, ScreenConnect, TeamViewer, Teams, Zoom, etc all have been used for this purpose.
It no sounds like it starts with a vishing phone call. Lots of people will ask Microsoft to fix this somehow, but no one ever seems to blame the phone services or demand they fix it.
Couldn't agree more. I have no idea why phone companies are not being held accountable for allowing this. For email, it's a solved problem. Why not phone?
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
Community Rules
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world