‘Callback’ Phishing Campaign Impersonates Security Firms

Elizabeth Montalbano reports:

A new callback phishing campaign is impersonating prominent security companies to try to trick potential victims into making a phone call that will instruct them to download malware.

Researchers at CrowdStrike Intelligence discovered the campaign because CrowdStrike is actually one of the companies, among other security firms, being impersonated, they said in a recent blog post.

Read more at ThreatPost.

CrowdStrike catches insider feeding information to ScatteredLapsus$Hunters
Threat actors have reportedly launched yet another campaign involving an application connected to Salesforce
Sue The Hackers – Google Sues Over Phishing as a Service
Five major changes to the regulation of cybersecurity in the UK under the Cyber Security and Resilience Bill
From bad to worse: Doctor Alliance hacked again by same threat actor (2)
Draft UK Cyber Security and Resilience Bill Enters UK Parliament

Related: