Beware of Callback Phishing Scams

Beware of Callback Phishing Scams

In the ever-evolving landscape of cyber threats, a new form of phishing has emerged, and it's catching many users off guard – callback phishing. This insidious technique employs phone numbers instead of clickable URLs, making it a challenging target for traditional anti-phishing measures. The FBI has sounded the alarm on this growing trend, emphasising the need for awareness and education to combat this sophisticated form of cybercrime.

Understanding Callback Phishing

Callback phishing emails typically arrive in users' inboxes, carrying urgent messages that demand immediate attention. Unlike traditional phishing emails with malicious URLs, callback phishing presents a phone number, compelling users to make a call. The intention behind these calls is to scare users into taking action, often related to fake charges or urgent matters requiring their attention.

The phishing messages are crafted to induce fear, pushing users to dial the provided phone number promptly. What sets callback phishing apart is its reliance on an image file for the entire message, making it challenging for anti-phishing content filters to detect malicious intent. The absence of clickable links further complicates the identification process.

The FBI's Encounter with Callback Scams

The FBI has encountered callback phishing at a more alarming level – leading to ransomware attacks. When victims call the provided numbers, they are directed to a call center operated by ransomware groups. The attackers aim to maximise their chances of installing ransomware on victims' computers, adding a malicious layer to an already sophisticated scam.

In these instances, the attackers use legitimate remote access programs to manipulate victims into installing more malicious software, scripts, and even watch their screens. The end goal is to convince victims to install ransomware, causing irreparable damage.

Why Callback Phishing is on the Rise

Callback phishing is gaining popularity among cybercriminals due to its ability to evade traditional anti-phishing content filters. Unlike traditional phishing attacks, where filters can analyse text and URLs, callback phishing relies on a single image file, making it difficult for filters to "read" the text on the picture. The lack of clues within the image further complicates the detection process.

Additionally, anti-phishing content filters struggle to analyse phone numbers and determine their malicious intent. With no established "malicious phone number" lookup databases, callback phishing scams often go undetected.

Defending Against Callback Phishing

As the threat of callback phishing grows, the primary defense lies in education. Organisations should educate their end-users to recognize the signs of callback phishing. Users should be particularly wary of unexpected messages containing a single picture file, a repeated phone number, and no clickable links.

The following defense strategies can help mitigate the risk of falling victim to callback phishing:

  1. Educate End Users: Raise awareness about callback phishing and encourage users to be suspicious of emails with a single picture file and repeated phone numbers.

  2. Verify Unexpected Messages: If a message arrives unexpectedly, especially if it instructs the user to perform an unfamiliar action, users should verify using alternative methods before taking any action.

  3. Confirmation Before Action: Confirm suspicious messages through a known, alternative method – call the company directly using a trusted phone number or visit the legitimate website directly.


Callback phishing is a growing threat that demands attention and proactive defence strategies. As cybercriminals continue to refine their tactics, organisations must empower their users with knowledge to recognise and thwart these sophisticated scams. Until technical defences improve, education remains a powerful tool in the fight against callback phishing. Stay informed, stay vigilant, and remember: a little knowledge goes a long way in enhancing cybersecurity.

Older Post Newer Post