Hackers Deploy Callback Phishing, Impersonate Cybersecurity Providers

A callback phishing campaign has been launched in which attackers trick users into believing they are authentic cybersecurity providers. The hackers “alert” potential targets with a data breach notification and ask them to call back for assistance, which leads to the phishing attempt.

The instances came to light when email campaigns asking about recipients’ companies started cropping up in July. Attackers sent professional-looking emails that resembled messages from legitimate cybersecurity companies. The email would alert users to possible threats in their network, causing panic. To secure their network, many would call the hacker back. The hacker would then ask them to install commercial RAT software, leaving the caller compromised.

According to the report, hackers use fraudulent phone numbers that seem relatable to the users and convince the victim to share their details. Using more complex and sophisticated morphing techniques, the hackers claim to solve an issue that they themselves faked. During the process, the hackers use the victims’ browser history to learn about their recent activities and use that information to entrap them. The browser history was also used to gain victims’ trust and persuade them to click on phishing links and call fraudulent phone numbers.

It was speculated that common remote access tools (RATs) are deployed for access in such fraudulent campaigns. Off-the-shelf penetration testing tools for lateral movement, along with ransomware or data extortion tools, are also suspected to be included in the packages.

These tricks are used to monetize users’ confidence by accessing their credentials. CrowdStrike Intelligence hasn’t been able to confirm the exact variant of malware used; however, it has reported that this is the first identified callback campaign impersonating cybersecurity entities.

Meanwhile, CrowdStrike and other cybersecurity companies have released notices warning users that such schemes and malware are live threats to user security.

thecyberexpress
