On Christmas Eve, one of our high-profile clients - a respected medical professional - was targeted in a sophisticated cyberattack that began with failed attempts to breach their business systems.
Thanks to our security controls, those business attacks failed. But the hackers pivoted.
They located the client's home address and attacked the residential network, entering through a standard cable modem provided by a well-known ISP. The client had a basic setup - a cable modem and Wi-Fi extenders - and believed this was enough protection.
It wasn't.
Here's how the attackers got in:
- The default admin password for the modem's internal settings had never been changed.
- The attackers likely used insider knowledge or prior experience to access the modem remotely.
- Once inside, they monitored traffic to identify banking sites, device types, and online activity.
Then came the real hit:
- The attackers ported the client's phone numbers to burner phones.
- They triggered password resets across bank accounts.
- Because they now controlled the phone number, all reset codes went directly to them.
- Within minutes, accounts were accessed and funds were drained.
The client discovered their phone had stopped working. After contacting their mobile provider, the full picture became clear - they had been digitally impersonated and financially compromised.
Thankfully, quick action involving authorities helped recover assets. We've since fully secured the residence - but the warning remains urgent.
It's Happening Again - To Everyday Users
This isn't an isolated incident. Just this week, a colleague experienced a similar issue:
- He clicked "Forgot Password" on a website.
- The reset code was sent to his old phone number - a number now in someone else's hands.
- Because he never updated the number on his accounts, he lost control.
What You Should Do Now
To protect yourself, your family, and your business:
1. Change Default Passwords on your ISP-provided router.
2. Check Your Mobile Number on All Accounts.
3. Install a Home Firewall - don't rely solely on ISP equipment.
4. Monitor Your Accounts Regularly.
5. Be Cautious with Support Calls - some techs may retain backend access.
Final Thought: Stay Ahead of the Threat
Cybercriminals are growing smarter, faster, and more targeted. But with the right precautions, you can stay a step ahead.
If you'd like help reviewing your home or office setup, or need guidance on choosing secure hardware, we're here to help.
Stay safe, stay aware, and reach out with any questions.
Warm regards,
James W. Rotondo
CEO/President - ManagePointe MSP Services, Inc.
