Call Me Maybe? The Rise of Callback Phishing Emails

Callback phishing is a sophisticated social engineering tactic that manipulates victims into calling a phone number rather than clicking links or downloading attachments, leading to potential financial losses for individuals and businesses. This type of phishing is difficult to detect due to the absence of traditional URLs or attachments and the use of freemail accounts, obfuscated phone numbers, and rapidly changing templates. Attackers impersonate well-known brands, using images and logos to evade text-based detection systems. Detection strategies involve advanced techniques like Optical Character Recognition (OCR) and Natural Language Understanding (NLU) to extract and analyze content from images, while deep learning models help identify brand logos. The attackers' aim is often to install malware or carry out financial theft through remote access tools. Despite efforts like "scambaiting" by streamers and researchers to disrupt these scams, attackers adapt by implementing countermeasures such as multi-factor authentication. As long as callback phishing remains profitable, it is expected to evolve with more advanced techniques.