Hackers Pose As Cybersecurity Firms In Callback Phishing Attacks

Share post:

Attackers are impersonating cybersecurity companies in callback phishing campaigns. As part of the new campaign, the attackers impersonate CrowdStrike to warn recipients that malicious network intruders have compromised their workstations.

The attackers also pointed out that a thorough security review was needed.

In the phishing email, employees are asked to call them using an enclosed phone number to plan the security check of their workstations.

As soon as an unsuspecting employee calls, the attacker directs the victim to install remote administration tools (RATs). The tools allow the threat actors to gain complete control of the workstation.

After the tool is installed, the threat actors will remotely install further tools that allow them to spread laterally through the network, steal corporate data and deploy ransomware that can encrypt devices.

“This is the first identified callback campaign impersonating cybersecurity entities and has higher potential success given the urgent nature of cyber breaches,” CrowdStrike warns.

The phishing campaign, unlike in the past, has the potential to be successful on a large scale, given that many employees work from home and away from their IT team.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

North Korean Job Scam Targeting IT Job Seekers

North Korea’s Lazarus advanced persistent threat (APT) group has launched a sophisticated campaign, “Operation 99,” targeting freelance software...

Hackers Exploit FastHTTP in High-Speed Microsoft 365 Attacks

Threat actors are employing the FastHTTP Go library to launch high-speed brute-force password attacks on Microsoft 365 accounts...

YouTubers Targeted As Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results

Attackers have found a new way to infect people seeking pirated or cracked software: planting malicious download links...

New macOS Malware Exploits Apple’s Security Features to Stay Hidden and Steal User Data

A newly discovered variant of the Banshee macOS Stealer malware is putting 100 million Apple users at risk...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways