Criminals are now posing as security companies to trick you into installing malware

Extracted from techradar

If a cybersecurity company tells you to call them, it’s probably a scam

[Image: cartoon illustrating phishing (Image credit: Shutterstock / DRogatnev)]

Cybercriminals are impersonating cybersecurity companies to try to lure victims into downloading malicious programs.

An investigation by CrowdStrike, one of the cybersecurity companies impersonated in the campaign, uncovered a “callback phishing” campaign in which threat actors reach out to various companies via email, tell them their endpoints are compromised, and urge them to call the company back for further instructions on how to eliminate the threat.

The email also carries the phone number the victim is told to call, and, as you might imagine, it does not belong to the actual company but to the attackers.

Legitimate software and nefarious goals

If the victim falls for the scam and actually calls the number in the email, the person on the other end of the line will try to persuade them to download “common legitimate remote administration tool (RATs),” which would give the attackers access to the target network. They will also try to get the victim to install off-the-shelf penetration testing tools, such as Cobalt Strike, to enable lateral movement.

Following the successful breach and lateral movement, the attackers look to deploy ransomware, although CrowdStrike could not say exactly which ransomware variant they use.

One of the reasons such a campaign can be relatively successful is that the emails carry no links or attachments. As a result, email security gateways and antivirus products may not flag these emails as malicious and will deliver them to the target’s inbox.
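Because there is no URL or attachment to scan, a gateway rule for this campaign has to key on the content pattern instead: a security-vendor display name sent from a domain that vendor does not own, urgent “you are compromised” wording, and a phone number to call. The following is an added illustration, not code from the article or from CrowdStrike; the sample messages, the phone number, the `crowdstrike-helpdesk.example` domain and the `VENDOR_DOMAINS` allowlist are all constructed for the example.

```python
import re

# Constructed sample messages (not from the article), shaped like what a mail
# gateway rule sees: display name/address, subject, body, attachment count.
SAMPLE_EMAILS = [
    {"from": "CrowdStrike Support <alerts@crowdstrike-helpdesk.example>",
     "subject": "Action required: compromised endpoint detected",
     "body": "Our sensors found malware on your endpoint. Call us now at "
             "1-800-555-0143 so an analyst can walk you through the cleanup.",
     "attachments": 0},
    {"from": "Jane Doe <jane@partner.example>",
     "subject": "Q3 report",
     "body": "Attached is the Q3 report; see https://intranet.partner.example/q3 too.",
     "attachments": 1},
]

URL_RE = re.compile(r"https?://|www\.", re.I)
PHONE_RE = re.compile(r"\b\d{3}[-.\s]\d{3}[-.\s]\d{4}\b")
URGENCY_RE = re.compile(
    r"\b(call (us|back|now)|compromised|breach|infected|malware|immediately"
    r"|action required)\b", re.I)
# Assumed allowlist: brand keyword -> sender domains allowed to use that name.
VENDOR_DOMAINS = {"crowdstrike": {"crowdstrike.com"}}

def score_callback_phish(msg):
    """Return (score, reasons); a higher score means more callback-phishing traits."""
    text = msg["subject"] + " " + msg["body"]
    reasons = []
    # The trait the article highlights: nothing for a URL/attachment scanner to catch.
    if not URL_RE.search(text) and msg["attachments"] == 0:
        reasons.append("no links or attachments")
    if PHONE_RE.search(text):
        reasons.append("phone number to call")
    if URGENCY_RE.search(text):
        reasons.append("urgent compromise language")
    m = re.match(r"\s*(.*?)\s*<([^>]+)>\s*$", msg["from"])
    display, addr = (m.group(1), m.group(2)) if m else ("", msg["from"])
    domain = addr.rpartition("@")[2].lower()
    for brand, allowed in VENDOR_DOMAINS.items():
        if brand in display.lower() and domain not in allowed:
            reasons.append(f"'{brand}' display name from {domain}")
    # Brand impersonation weighs double; every other trait counts once.
    score = len(reasons) + (1 if any("display name" in r for r in reasons) else 0)
    return score, reasons

def is_callback_phish(msg):
    """Flag only when a phone number is paired with at least two other traits."""
    score, reasons = score_callback_phish(msg)
    return score >= 3 and "phone number to call" in reasons

if __name__ == "__main__":
    for msg in SAMPLE_EMAILS:
        print(is_callback_phish(msg), score_callback_phish(msg))
```

Tune the regexes and the allowlist to the vendors your organisation actually uses; the point is that the rule works from sender identity, wording and the callback number rather than from attachments or links.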

What’s more, calling the attackers hands them your phone number, which opens up an additional avenue for attacks.

It’s not exactly a new strategy. Cybercriminals have been using this approach for months now, as email security systems have grown more sophisticated and better at spotting malicious actors.

Around Black Friday 2021, scammers were also found to be impersonating big brands such as Amazon, Target, and Walmart, attempting to get victims to call them.
