Callback Phishing Attacks See Massive 625% Growth Since Q1 2021

In response to reports that hackers are increasingly moving towards hybrid forms of phishing attacks that combine email and voice social engineering calls, with the use of ‘hybrid vishing’ is seeing a massive 625% growth in 2022, an expert at cybersecurity firm offers the following comment.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Roger A. Grimes
Roger A. Grimes , Data-Driven Defense Evangelist
InfoSec Expert
August 16, 2022 12:50 pm

Just like in sales, the more “touches” you have with a potential lead, the better chance to convert. We’ve all been told not to click on unexpected emails…but if the attacker also calls us, it adds an immediate sense of legitimacy to the original email. You might even be thinking, “And I thought that could have been a phishing email.” Officially, attacks that use multiple touches, including the first one that doesn’t include any outright suspicious links or downloads, is known as “pretexting”. Pretexting attacks are harder for the attacker to pull off because it takes more time on their side to setup and accomplish. But the time put in pays off, in that they are far more likely to have success across the victim subset they are targeting and be more likely to steal more per instance. The best defense is to educate everyone about these more sophisticated attacks and then do simulated instances to see how likely these sorts of attacks are to be against your population, and to make potential victims more aware of these sorts of attacks. It’s really the only defense that will work.

Last edited 1 month ago by Roger A. Grimes
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x