Phishing Campaign Uses “Callback” to Impersonate Security Companies
A new phishing campaign uses a “callback” technique. In this campaign, the attackers impersonate well-known security companies to trick potential victims into making a phone call that can lead them to download dangerous malware.
The campaign is designed to trick a victim into responding to a phishing email which states that the recipient’s company has been breached and that they need to call the number included in the email. If the targeted person makes the phone call, the person on the other end directs them to a malicious website.
More specifically, the email claims to come from the recipient’s company’s “outsourced data security services vendor” and says that “abnormal activity” has been detected on the network the recipient’s workstation is part of. It goes on to say that the IT department has already been notified, but that the recipient now needs to call a particular phone number so that an audit can be performed on their individual workstation. The malicious activity starts once the potential victim calls this number.
In general, it’s important to keep in mind that legitimate companies usually do not reach out to their customers by email with important information like this, demanding that they call a different phone number to resolve one specific issue. A breach notice that makes this kind of demand is a red flag.