You may have seen recent headlines from the Cybersecurity and Infrastructure Security Agency (CISA) about how cyber criminals are using legitimate remote monitoring and management (RMM) software to try to infiltrate your network. You can read the alert here.
Basically, the scam works like a typical phishing scam. It is either a spear phishing scam or a phishing scam that impersonates a common company like Amazon, Geek Squad, Microsoft, or similar. The attackers pretend to be that company, say you owe them money, and trick you into going to a website they control that looks like the major company’s site.
Once you’re there, they’ll try to get you to install their RMM agent. Once that’s installed, they fully control your computer and can do pretty much whatever they want with it and its data.
Weston uses an RMM tool, as do most managed service providers (is using an MSP a risk to your business?). We have our RMM agent installed on all our clients’ computers. It is incredibly valuable to a company like ours: it gives us the alerting and automation that keep your computers and systems running smoothly, and it allows us remote access when you need our help. We’re an audited IT company that takes security very seriously and responds appropriately to security incidents.
If our RMM agent isn’t working properly, we may occasionally ask a client to go to a website, similar to the ones those hackers use, that will allow us to reinstall our tools. We will never email you asking you to download something without first having a conversation and an open ticket, so you can verify it is truly us. If anything feels off about a conversation with someone who says they are with Weston, ask for the ticket number for the issue you are having, let them know you will call them back, and then call our number and verify with a team member that the request and ticket number are valid.
Security is very dry, but it’s extremely important to your business.