Project Hyphae

‘Callback’ Phishing Impersonating Cybersecurity Companies

FRSecure WILL NOT email your end users and ask them to call us back.

Share This Post

In a recent blog post, CrowdStrike revealed a ‘callback’ email phishing campaign that had been observed recently. The tactics, techniques and procedures in play show the attackers impersonating prominent security companies to try and trick potential victims into making a phone call, under the guise that they will be calling a security firm to help assist with an active attack. If that call is made, the recipient of the phishing email will be greeted by a friendly person on the other end that will lead them to a website that will result in the soon-to-be-victim downloading malware, potentially up to and including ransomware.

The urgent nature of cyber breaches can motivate potential victims to move quickly, possibly foregoing normal procedures since they believe they are working directly with a known partner. As with countless other phishing campaigns, the best defense for organizations is a well-educated userbase. Awareness training focused on how to identify and handle phishing attempts has never been more important. Specifically, it is critical for users to understand that phishing attempts can come in many, many forms of human interaction – not just malicious links or attachments within emails.

The full CrowdStrike blog post is available here:

Reach out to our incident response team for help

More To Explore

Information Security News 11-27-2023

East Texas Hospital Network Can’t Receive Ambulances Because of Potential Cybersecurity Incident Article Link: Canadian Government Discloses Data Breach After Contractor Hacks Article Link:

Information Security News 11-20-2023

PJ&A Says Cyberattack Exposed Data of Nearly 9 Million Patients Article Link: Google Workspace Weaknesses Allow Plaintext Password Theft Article Link: New York

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.