Security News > 2022 > July > Hackers impersonate cybersecurity firms in callback phishing attacks
Hackers are impersonating well-known cybersecurity companies, such as CrowdStrike, in callback phishing emails to gain initial access to corporate networks.
Over the past year, threat actors have increasingly used "Callback" phishing campaigns that impersonate well-known companies requesting you call a number to resolve a problem, cancel a subscription renewal, or discuss another issue.
In a new callback phishing campaign, the hackers are impersonating CrowdStrike to warn recipients that malicious network intruders have compromised their workstations and that an in-depth security audit is required.
These callback phishing campaigns are focused on social engineering, explaining in detail why they should be given access to a recipient's device, as shown in the email snippet below.
In a report by CrowdStrike, the company believes this campaign will likely lead to a ransomware attack, as was seen with previous callback phishing campaigns.
Callback phishing campaigns became common in 2021 with the launch of the BazarCall phishing campaigns used by the Conti ransomware gang to gain initial access to corporate networks.
News URL
Related news
- How Phishing Attacks Adapt Quickly to Capitalize on Current Events (source)
- Google raps Iran's APT42 for raining down spear-phishing attacks (source)
- Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks (source)
- Cybercriminals exploit file sharing services to advance phishing attacks (source)
- Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America (source)
- CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait (source)
- Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks (source)
- How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back (source)
- Novel attack on Windows spotted in phishing campaign run from and targeting China (source)
- Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack (source)