Agent Verify.
Part of the ATO Protect Suite, Agent Verify (patent-pending) is a simple solution to stopping sophisticated social engineering attacks.
Cyber criminals are calling employees posing as company IT Help desk agents and persuading them to install software, disclose credentials and give remote access. Agent Verify provides a simple and secure way for employees to verify that a caller claiming to be from the IT help desk is legitimate.
Use Cases
IT Help Desk agents calling employees
Banks calling customers to verify transactions
EComm retailers calling customers to verify orders
Title/Escrow/Mortgage companies calling home buyers
Healthcare providers calling patients
Any brand that suffers from phishing over the phone
When receiving such a call, the employee is trained to ask for the agent’s Verify Code, which is unique to both the agent and the call. The employee then navigates to a dedicated internal company page where the code is entered agent’s identity is confirmed.
Agent Verify codes are:
· Single-use and time-limited
· Impossible to spoof or intercept via man-in-the-middle attacks
· Only shared by agents during outbound calls they initiate
Once the agent is verified, the employee can proceed with confidence. If the agent cannot provide a verifiable code, the employee is instructed to end the call and report the incident.
Social engineering stopped with Trusona Agent Verify.
One of Scattered Spider’s most effective and recognizable tactics involves impersonating IT help desk personnel via phone calls or text messages to obtain credentials or persuade employees to install remote access software.
– Torsten George |