Callback Phishing Scam
Callback phishing scams are a popular type of scam that cybercriminals use to steal your sensitive data. The FBI has warned the public that these types of scams are on the rise. In callback phishing scams, cybercriminals craft a convincing email that includes a callback number to the cybercriminal directly. Cybercriminals like this scam because it’s different then clicking on a link.
Cybercriminals send an email to the user that explains there is a pending charge on their account that they need to look at. They include a phone number in this email that you can call to speak with someone and review the charge. Once the person calls the cybercriminal will act as a support person. They will encourage the user to download their system management tool so they can guide them on their computer. This download is disguised ransomware and if installed the cybercriminals can steal all sensitive data.
Tips:
- Never call a number from an email. Always go to the website by using a trusted browser and get the phone number that way.
- Be cautious of emails that create urgency. Cybercriminals use this tactic for you to do an action impulsively.
- Think before you do an action. Look for red flags in the email like poor grammar, time the email was sent, the sender’s name, etc.
Learn more tips like this and train your employees with our Security Awareness Training Program.