Security News > 2022 > July > Hackers impersonate cybersecurity firms in callback phishing attacks

Hackers are impersonating well-known cybersecurity companies, such as CrowdStrike, in callback phishing emails to gain initial access to corporate networks.
Over the past year, threat actors have increasingly used "callback" phishing campaigns that impersonate well-known companies and ask the recipient to call a number to resolve a problem, cancel a subscription renewal, or discuss another issue.
In a new callback phishing campaign, the hackers are impersonating CrowdStrike to warn recipients that malicious network intruders have compromised their workstations and that an in-depth security audit is required.
These callback phishing campaigns are focused on social engineering: the emails explain in detail why the senders should be given access to a recipient's device.
In its report, CrowdStrike says it believes this campaign will likely lead to a ransomware attack, as was seen with previous callback phishing campaigns.
Callback phishing campaigns became common in 2021 with the launch of the BazarCall phishing campaigns used by the Conti ransomware gang to gain initial access to corporate networks.