Security Awareness – Threat Actors Imitating Cybersecurity Firms Requesting Callbacks in Phishing Campaigns

CrowdStrike has posted a blog detailing a newly identified phishing campaign where threat actors have been observed posing as popular cybersecurity providers in order to gain a victim’s trust and access their computers. This campaign is what CrowdStrike labels a “callback phishing” campaign, as the victims are expected to call the number provided by the threat actors in order to be persuaded into installing a remote access tool (RAT) on their machine by a false customer service representative. WaterISAC has previously reported on the increased use of these tactics, though this is the first time cybersecurity companies have been imitated in order to pressure victims to call. While affected victims have not yet succumbed to the ploy, CrowdStrike predicts that ransomware is the most likely method criminals will use to monetize these breaches. Read more at CrowdStrike.