A threat actor dubbed Luna Moth has been leveraging social engineering and legitimate software to steal sensitive data and extort money from small and medium-size businesses. The group is eschewing the use of ransomware and instead relies on targeted employees calling a phone number manned by the attackers and convincing them to install a remote access tool. “Callback phishing, also referred to as telephone-oriented attack delivery (TOAD), is a social engineering attack that requires a … More
The post Fake subscription invoices lead to corporate data theft and extortion appeared first on Help Net Security.
