Security researchers from Cisco Talos have warned of a rise in phishing campaigns involving callback scams, where victims are prompted to call attackers on the phone.
Threat actors spoof major tech companies like Microsoft and Adobe, sending phishing emails with PDF attachments containing phone numbers controlled by the attackers.
The attackers manipulate victims into divulging sensitive information or downloading malware by posing as customer representatives during the phone calls.
These callback phishing campaigns exploit victims' trust in phone calls and use social engineering tactics to deceive them, with most phone numbers being VoIP to make tracing difficult.