Security News > 2022 > October > Callback phishing attacks evolve their social engineering tactics
Callback phishing operations have evolved their social engineering methods, keeping old fake subscriptions lure for the first phase of the attack but switching to pretending to help victims deal with an infection or hack.
Callback phishing attacks are email campaigns pretending to be high-priced subscriptions designed to lead to confusion by the recipient as they never subscribed to these services.
This leads to a social engineering attack that deploys malware on victims' devices and, potentially, full-blown ransomware attacks.
Callback phishing attacks first appeared in March 2021 under the name "BazarCall," where threat actors began sending emails pretending to be a subscription to a streaming service, software product, or medical services company, giving a phone number to call if they want to cancel the purchase.
The social engineering process has changed in recent callback phishing campaigns, although the bait in the phishing email remains the same, an invoice for a payment made to Geek Squad, Norton, McAfee, PayPal, or Microsoft.
Another variant used in the PayPal-themed phishing attacks is to ask the victim if they use PayPal and then allegedly check their email for compromise, claiming that their account was accessed by eight devices spread across various locations worldwide.
News URL
Related news
- Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks (source)
- Clever Social Engineering Attack Using Captchas (source)
- Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian (source)
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)