
Cybersecurity researchers are calling attention to phishing campaigns that impersonate popular brands and trick targets into calling phone numbers operated by threat actors.
"A significant portion of the email threats with PDF payloads persuade victims to call hostile phone numbers, displaying another popular social engineering technique known as Telephone-Oriented Attack Delivery (TOAD), also known as callback phishing," said Omid Mirzaei, a researcher at Cisco Talos, in a report shared with The Hacker News.
Analysis of phishing emails with PDF attachments between May 5 and June 5, 2025 revealed that Microsoft and DocuSign were the most spoofed brands. NortonLifeLock, PayPal, and Geek Squad were among the most impersonated brands in TOAD emails with PDF attachments.
This activity is part of a broader set of phishing attacks that seek to exploit the trust users place in popular brands and people to trigger malicious actions. These messages typically carry PDF attachments styled after legitimate brands such as Adobe or Microsoft, and urge recipients either to scan a malicious QR code that leads to a forged Microsoft login page or to click a link that redirects them to a phishing page hosted on a service like Dropbox.
QR code phishing emails with PDF payloads have also been found to use PDF annotations to link QR codes to real web pages while embedding URLs in sticky notes, comments, or form fields within the PDF attachment, giving the message an appearance of trustworthiness.
In TOAD-based attacks, victims are coaxed into calling phone numbers in an attempt to resolve an issue or confirm a transaction. During the call, the attacker poses as a legitimate customer representative and tricks the victim into revealing sensitive information or installing malware on their device.
While most TOAD campaigns rely on a false sense of urgency, their effectiveness depends on how convincing they are, using scripted call-center tactics, hold music, and even spoofed caller IDs to mimic real support workflows.

This technique is a popular method among threat actors for installing banking Trojans on Android devices and remote access programs on victim machines to gain persistent access. In May 2025, the U.S. Federal Bureau of Investigation (FBI) warned of such attacks carried out by a financially motivated group called Luna Moth to breach target networks by posing as IT department staff.
"Attackers use direct voice communication to leverage victims' trust in phone calls and the perception that telephone communication is a secure way to interact with organizations," Mirzaei said. "In addition, live interaction on the phone allows attackers to manipulate victims' emotions and responses by employing social engineering tactics."
Cisco Talos said most threat actors use Voice over Internet Protocol (VoIP) numbers to maintain anonymity, making them difficult to trace.

"Brand impersonation is one of the most popular social engineering techniques and is used continuously by attackers in various types of email threats," the company said. "Therefore, brand spoofing detection engines play a crucial role in defending against cyberattacks."
Over the past few months, phishing campaigns have abused a legitimate Microsoft 365 (M365) feature called Direct Send to spoof internal users and deliver phishing emails without having to compromise an account. According to Varonis, the method has been used to target over 70 organizations since May 2025.
These spoofed messages not only appear to originate from within the victim organization, but also take advantage of the fact that smart host addresses follow a predictable pattern ("<tenant>.mail.protection.outlook.com"), allowing phishing emails to be sent without any authentication.
This tactic shares similarities with vishing, technical support fraud, and business email compromise (BEC), but differs in its delivery vectors and persistence. Some attackers push victims to download remote access software like AnyDesk and TeamViewer, while others route them through fake payment portals or impersonate a billing department to harvest credit card information.
In one phishing email sent on June 17, 2025, the message body resembled a voicemail notification and included a PDF attachment containing a QR code that directed recipients to a Microsoft 365 credential harvesting page.
"In many of the initial access attempts, threat actors have leveraged M365's Direct Send capability to target individual organizations using phishing messages that are subject to less scrutiny compared to standard inbound email," said security researcher Tom Barnea. "This simplicity makes Direct Send an attractive, low-effort vector for phishing campaigns."
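As an added illustration (not code from the article, Cisco Talos or Varonis), the following Python heuristic flags a message that claims an internal sender, arrived through the tenant's predictable smart host, and carries no passing authentication result; the header lines and the tenant domain example.com are constructed for the example.

```python
"""Heuristic detector for Microsoft 365 Direct Send spoofing.
Added example: the tenant domain and every header line below are constructed."""
import re
from email import message_from_string

INTERNAL_DOMAIN = "example.com"                 # assumed tenant domain
SMART_HOST_SUFFIX = ".mail.protection.outlook.com"  # predictable smart host pattern


def direct_send_spoof_indicators(raw: str) -> dict:
    """Return the three indicators; all true together point at Direct Send abuse."""
    msg = message_from_string(raw)
    m = re.search(r"@([\w.-]+)", msg.get("From", ""))
    from_domain = m.group(1).lower() if m else ""
    auth = msg.get("Authentication-Results", "").lower()
    received = msg.get_all("Received") or []
    # A sender that passes neither SPF nor DKIM, or fails DMARC, is unauthenticated.
    unauthenticated = "dmarc=fail" in auth or (
        "spf=pass" not in auth and "dkim=pass" not in auth
    )
    return {
        "claims_internal_sender": from_domain == INTERNAL_DOMAIN,
        "via_smart_host": any(SMART_HOST_SUFFIX in r for r in received),
        "unauthenticated": unauthenticated,
    }


def is_direct_send_spoof(raw: str) -> bool:
    """True only when the message looks internal, came via the MX smart host and failed auth."""
    return all(direct_send_spoof_indicators(raw).values())


# Constructed sample: external IP delivers "internal" mail through the smart host.
SPOOFED = """\
Received: from 203.0.113.10 (203.0.113.10) by example-com.mail.protection.outlook.com (10.0.0.1)
Authentication-Results: spf=fail (sender IP is 203.0.113.10) smtp.mailfrom=example.com; dkim=none (message not signed) header.d=none; dmarc=fail action=oreject header.from=example.com; compauth=fail reason=000
From: IT Helpdesk <helpdesk@example.com>
To: alice@example.com
Subject: New voicemail received

"""

# Constructed sample: ordinary authenticated mail from an external partner.
LEGIT = """\
Received: from mail.partner.example.net (198.51.100.7) by example-com.mail.protection.outlook.com (10.0.0.1)
Authentication-Results: spf=pass smtp.mailfrom=partner.example.net; dkim=pass header.d=partner.example.net; dmarc=pass action=none header.from=partner.example.net
From: Partner Bob <bob@partner.example.net>
To: alice@example.com
Subject: Contract draft

"""
```

Mail-flow logs rather than a single message are the practical input; the same three checks apply per message.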

The disclosure comes as new research from Netcraft found that asking a large language model (LLM) where to log in to 50 different brands across sectors such as finance, retail, technology, and utilities often returned hostnames that are not owned by the brand in question.
"In two-thirds of cases, the model returned the correct URL," the company said. "But for the remaining third, the results broke down as follows. Nearly 30% of the domains were unregistered, parked, or otherwise inert, leaving them open to takeover. Another 5% pointed to completely unrelated businesses."
This also means that asking an AI chatbot where to sign in could send users to a fake website.
With threat actors already using AI-powered tools to create phishing pages at scale, the latest findings reveal a new twist in which cybercriminals attempt to game LLM responses by surfacing malicious URLs in answers to user queries.

Netcraft said it has also observed attempts to poison AI coding assistants like Cursor by publishing fake APIs on GitHub that route transactions on the Solana blockchain to attacker-controlled wallets.
"The attackers didn't just publish the code," says security researcher Bilaal Rashid. "They launched blog tutorials, forum Q&As, and dozens of GitHub repositories to promote it. Multiple fake GitHub accounts shared a project called Moonshot-volume-bot, seeded across accounts with detailed bios, profile pictures, social media accounts, and credible coding activity."
The development also follows coordinated efforts by threat actors to inject JavaScript or HTML into highly reputable websites (e.g., .gov or .edu domains) in order to influence search engines and push phishing sites up the search results. This is achieved through an illicit marketplace called Hacklink.
The service lets "cybercriminals purchase access to thousands of compromised websites and inject malicious code designed to manipulate search engine algorithms," said security researcher Andrew Sevenborn. "The scammers use the Hacklink control panel to insert links to phishing or illegal websites into the source code of legitimate but compromised domains."
Because these outbound links are tied to specific keywords, the hacked websites surface in search results when users search for related terms. Worse, actors can change the text displayed in search results to suit their needs without having to control the site in question, damaging brand integrity and user trust.