The Luna Moth campaign has extorted hundreds of thousands of dollars from several victims in the legal and retail sectors.
The attacks are notable for employing a technique called callback phishing or telephone-oriented attack delivery (TOAD), wherein the victims are social engineered into making a phone call through phishing emails containing invoices and subscription-themed lures.
Palo Alto Networks Unit 42 said the attacks are the “product of a single highly organized campaign,” adding, “this threat actor has significantly invested in call centres and infrastructure that’s unique to each victim.”
The cybersecurity firm described the activity as a “pervasive multi-month campaign that is actively evolving.”
What’s notable about callback phishing is that the email messages are completely devoid of any malicious attachment or booby-trapped link, allowing them to evade detection and slip past email protection solutions.
images from Hacker News