Phishing Alert: Hackers Exploit PDFs to Mimic Microsoft, DocuSign in Callback Phishing Attacks

Discover how cybercriminals are leveraging PDFs to impersonate trusted brands in sophisticated callback phishing campaigns.

TL;DR

Cybersecurity researchers have uncovered a surge in phishing campaigns using PDFs to impersonate well-known brands, tricking victims into calling adversary-controlled phone numbers. This tactic, known as Telephone-Oriented Attack Delivery (TOAD), highlights a growing trend in social engineering techniques.

Phishing Campaigns Leverage PDFs to Mimic Trusted Brands

Cybersecurity researchers have issued a warning about an increasing number of phishing campaigns that impersonate popular brands. These campaigns employ a clever tactic: using PDFs to deceive targets into dialing phone numbers controlled by threat actors. This method, known as Telephone-Oriented Attack Delivery (TOAD), is becoming a prevalent social engineering technique.

Understanding the TOAD Technique

The TOAD technique involves sending emails with PDF attachments that appear to be from legitimate sources such as Microsoft and DocuSign. These PDFs contain persuasive content that urges the recipient to call a provided phone number, which is actually operated by the attackers. Once the victim calls, the threat actors use social engineering tactics to extract sensitive information, such as login credentials or financial details.

Impact and Implications

This trend underscores the evolving nature of phishing attacks. By leveraging PDFs, attackers can bypass traditional email filters and security measures, making these campaigns particularly effective. The use of well-known brands adds an extra layer of deception, as victims are more likely to trust communications that appear to come from reputable sources [1].

Staying Protected

To safeguard against such attacks, individuals and organizations should implement robust email filtering systems and regularly update their security protocols. Employee training on recognizing and reporting phishing attempts is also crucial.
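
As an added example (not code from the original post or from the cited research), here is one way an email filter could score the lure described above: PDF text that names a brand, urges a phone call and shows a phone number, sent from a domain that does not belong to that brand. It assumes the PDF text has already been extracted; the domain sets, cue phrases, function names and sample message are all constructed for illustration.

```python
import re

# Brands named in the post, mapped to sender domains treated as legitimate.
# These domain sets are assumptions for illustration; adjust to your mail flow.
BRAND_DOMAINS = {
    "microsoft": {"microsoft.com", "office.com"},
    "docusign": {"docusign.com", "docusign.net"},
}
# Phrases that push the reader toward a phone call (constructed, not exhaustive).
CALL_CUES = re.compile(
    r"\b(call (us|now|our|support|immediately)|contact (us|support) at|"
    r"to (cancel|dispute|verify)[^.]{0,40}\bcall|helpline|toll[- ]free)\b", re.I)
# North American style numbers with optional +1 and common separators.
PHONE = re.compile(
    r"(?<!\d)(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}(?!\d)")

# Constructed sample: sender header plus text already extracted from the PDF.
SAMPLE_FROM = "Billing <billing@invoice-notify.example>"
SAMPLE_PDF_TEXT = ("Microsoft 365 subscription renewed for $399.99. To cancel "
                   "or dispute this charge, call our support team at "
                   "+1 (555) 010-0199 within 24 hours.")


def sender_domain(from_header: str) -> str:
    """Return the lower-cased domain of the address in a From header."""
    match = re.search(r"@([A-Za-z0-9.-]+)", from_header)
    return match.group(1).lower().rstrip(".") if match else ""


def score_toad(from_header: str, pdf_text: str) -> dict:
    """Flag PDF text that names a brand, urges a call and shows a phone
    number while the sender domain does not belong to that brand."""
    domain = sender_domain(from_header)
    brands = [b for b in BRAND_DOMAINS
              if re.search(rf"\b{b}\b", pdf_text, re.I)]
    # A brand counts as impersonated when the sender is outside its domains.
    spoofed = [b for b in brands
               if not any(domain == d or domain.endswith("." + d)
                          for d in BRAND_DOMAINS[b])]
    phones = [m.group(0) for m in PHONE.finditer(pdf_text)]
    call_cue = bool(CALL_CUES.search(pdf_text))
    return {"brands": brands, "spoofed_brands": spoofed, "phones": phones,
            "call_cue": call_cue,
            "suspicious": bool(spoofed and phones and call_cue)}


if __name__ == "__main__":
    print(score_toad(SAMPLE_FROM, SAMPLE_PDF_TEXT))
```

The From header is forgeable, so in a mail pipeline pass the DKIM- or SPF-authenticated domain to the check instead of the raw header value.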

References

  1. Cybersecurity researchers (2025). “Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns”. The Hacker News. Retrieved 2025-07-02.

This post is licensed under CC BY 4.0 by the author.