Brock’s Information Technology Services (ITS) team is advising members of the Brock community to be vigilant about callback phishing emails.

Unlike other types of phishing, this sophisticated cyberattack tactic relies on convincing recipients to call a phone number rather than click on a malicious link, making it more difficult to screen using email security solutions.

Callback phishing emails typically contain a message, often in the form of an unclickable image, about an urgent matter to manipulate the recipient into call a number prominently displayed throughout the message. These emails could include messages about fictitious overdue bills, cybersecurity issues or upcoming charges.

Those who call the number are often redirected to an overseas call centre where scammers are aiming to gain access to user credentials, install ransomware or other malicious software onto the caller’s computer, or convince the caller to enter into remote desktop session that allows the scammer access to the caller’s device.

Any questions about callback phishing or to report a callback phishing attack can be directed to itsecurity@brocku.ca