Security News > 2022 > July > Hackers impersonate cybersecurity firms in callback phishing attacks
Hackers are impersonating well-known cybersecurity companies, such as CrowdStrike, in callback phishing emails to gain initial access to corporate networks.
Over the past year, threat actors have increasingly used "Callback" phishing campaigns that impersonate well-known companies requesting you call a number to resolve a problem, cancel a subscription renewal, or discuss another issue.
In a new callback phishing campaign, the hackers are impersonating CrowdStrike to warn recipients that malicious network intruders have compromised their workstations and that an in-depth security audit is required.
These callback phishing campaigns are focused on social engineering, explaining in detail why they should be given access to a recipient's device, as shown in the email snippet below.
In a report by CrowdStrike, the company believes this campaign will likely lead to a ransomware attack, as was seen with previous callback phishing campaigns.
Callback phishing campaigns became common in 2021 with the launch of the BazarCall phishing campaigns used by the Conti ransomware gang to gain initial access to corporate networks.
News URL
Related news
- Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)
- US Sanctions Chinese Cybersecurity Firm for 2020 Ransomware Attack (source)