Security News > 2022 > July > Hackers impersonate cybersecurity firms in callback phishing attacks
Hackers are impersonating well-known cybersecurity companies, such as CrowdStrike, in callback phishing emails to gain initial access to corporate networks.
Over the past year, threat actors have increasingly used "Callback" phishing campaigns that impersonate well-known companies requesting you call a number to resolve a problem, cancel a subscription renewal, or discuss another issue.
In a new callback phishing campaign, the hackers are impersonating CrowdStrike to warn recipients that malicious network intruders have compromised their workstations and that an in-depth security audit is required.
These callback phishing campaigns are focused on social engineering, explaining in detail why they should be given access to a recipient's device, as shown in the email snippet below.
In a report by CrowdStrike, the company believes this campaign will likely lead to a ransomware attack, as was seen with previous callback phishing campaigns.
Callback phishing campaigns became common in 2021 with the launch of the BazarCall phishing campaigns used by the Conti ransomware gang to gain initial access to corporate networks.
News URL
Related news
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Chinese hackers targeted sanctions office in Treasury attack (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- Google says hackers abuse Gemini AI to empower their attacks (source)
- How to Prevent Phishing Attacks with Multi-Factor Authentication (source)
- Hacker pleads guilty to SIM swap attack on US SEC X account (source)
- whoAMI attacks give hackers code execution on Amazon EC2 instances (source)