Fortra expert John Wilson, Senior Fellow, Threat Research, wrote this article in eSecurity Planet on the evolution of hybrid vishing. The piece describes how attackers are shifting from attacker-run email infrastructure to abusing legitimate SaaS and collaboration workflows. This allows lures to inherit trusted reputation and authentication, helps them reach inboxes more reliably, and then moves the attack to the phone channel once the unsuspecting victim calls the provided number.
Originally published in eSecurity Planet.
Excerpt: “Vishing is not new, but the delivery mechanisms continue to evolve. As defenders deploy controls at one layer, attackers shift to another. Today, they are exploiting the trust and infrastructure of legitimate online services to ensure their lures reach the inbox.”
