There has been a recent rise in the number of phishing attacks that incorporate a direct phone call with the target. This technique, known as Telephone-Oriented Attack Delivery (TOAD) often starts by sending the user a phishing email urging them to call a phone number. During the call, attackers pretend to be a legitimate customer service representative and attempt to trick their target into downloading malware or disclosing sensitive information. 

Follow these tips to not fall victim to a TOAD attack:

• Always verify contact information by cross-referencing the phone number or email address in the message with the official contact details listed on the organization’s website.
• Never share sensitive information over the phone, including passwords, PINs, or multi-factor authentication (MFA) codes.
• Be wary of urgent language; TOAD scammers use urgency or threats to push you into acting fast.

Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest