In August 2019, the security firm was informed that some of their customers were receiving tech support scam phone calls. The calls were impersonating TrendMicro tech support agents, they were appearing legitimate because the crooks were demonstrating a deep knowledge of the business relationship between the potential victims and TrendMicro.
TrendMicro investigated the calls and discovered that the attacks were not causal, instead, scammers were leveraging user data, a circumstance that suggested the involvement of insiders.
“In early August 2019, Trend Micro became aware that some of our consumer customers running our home security solution had been receiving scam calls by criminals impersonating Trend Micro support personnel.” reads a blog post published by Trend Micro.
“The information that the criminals reportedly possessed in these scam calls led us to suspect a coordinated attack.”
The investigation conducted by the company revealed that a TrendMicro employee performing unauthorized access to a customer support database and after stealing customer data was selling it to third-party tech support scammers.
“Although we immediately launched a thorough investigation, it was not until the end of October 2019 that we were able to definitively conclude that it was an insider threat,” continues the post. “A Trend Micro employee used fraudulent means to gain access to a customer support database that contained names, email addresses, Trend Micro support ticket numbers, and in some instances telephone numbers. There are no indications that any other information such as financial or credit payment information was involved, or that any data from our business or government customers was improperly accessed.”
Once identified the employee, the company immediately disabled the unauthorized account access and fired the man. Currently, the company is working with law enforcement on an ongoing investigation. and government customers that our investigations have shown no indication that the criminal has accessed any enterprise customer data.
Trend Micro revealed that the security incident affects less than 1% of Trend Micro’s 12 million consumer customers, the company confirmed that only targeted English-speaking users were impacted. According to the company, scammers have not accessed any enterprise customer data.
Users can contact Trend Micro technical support in their region at https://esupport.trendmicro.com for any questions or concerns.
(SecurityAffairs – hacking, scam)