TOAD Phishing Scams: Why Picking Up the Phone Could Be Your Biggest Mistake!

Hackers are swapping links for phone calls in TOAD campaigns, impersonating brands like Microsoft and PayPal. Victims call the attackers, thinking they’re handling an urgent matter. It’s a phishing scheme with a twist: now the victims do the dialing! Remember, if Microsoft calls, it’s probably not Bill Gates on the line.

3P
Published: July 3, 2025 12:58 pmAdded: July 3, 2025 at 6:15 amAssembled by: The Editor
Pro Dashboard

Hot Take:

If you thought receiving a call from your telemarketer uncle was the worst thing that could happen, think again! Hackers are now impersonating your favorite brands, and they’re on a mission to give you a new kind of “customer service” experience—one that could cost you more than just your patience.

Key Points:

  • Hackers are ditching fake websites and opting for phone calls in callback phishing scams.
  • Cisco Talos reports a surge in telephone-oriented attack delivery (TOAD) campaigns.
  • TOAD attacks exploit victims’ trust in phone communication as a secure interaction method.
  • VoIP numbers are favored for their anonymity and logistical advantages in multistage attacks.
  • Brand impersonation remains a top social engineering tactic, necessitating stronger detection technologies.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?