Uptick in TOAD Campaigns

Garden State Cyber Threat Highlight

Original Release Date: 12/21/2023

Summary

The NJCCIC detected a recent uptick in TOAD phishing campaigns that may cause substantial disruption and losses across various organizations. A telephone-oriented attack delivery (TOAD) attack uses various social engineering tactics to build trust and credibility with victims. The attack is perpetrated by threat actors leveraging a combination of business impersonation, phishing emails, and fraudulent call centers. The attacks rely on victims to call the cybercriminal directly using the phone number found in the phishing email. Successful attacks may result in credential theft, malware installation, loss of funds, and ransomware.

The messages used in observed TOAD attacks claim to originate from trusted organizations such as Norton, PayPal, McAfee, or other known companies and may include an attached invoice and details of a supposed bill or transaction fee for services. Once contact is initiated by the potential victim, the fraudulent customer service representative may attempt to obtain account credentials or convince victims to download a malicious program to “fix” a problem or provide remote access to their devices. These phishing emails may bypass email security due to limited indicators within the phishing email and the reliance upon the potential victim to initiate interaction to perpetuate the attack. 
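Because these messages carry few conventional indicators, a mail filter has to score the combination described above rather than a link or payload. The following is an added example, not NJCCIC code: a triage heuristic whose brand-to-domain map, keyword list, indicator names, and sample message are all constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Brands named in the advisory; the sender domains listed are assumptions.
BRAND_DOMAINS = {"norton": ("norton.com",), "paypal": ("paypal.com",),
                 "mcafee": ("mcafee.com",)}
PHONE_RE = re.compile(r"(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}")
BILLING_RE = re.compile(r"\b(invoice|renewal|subscription|charged|transaction)\b", re.I)

# Constructed sample message (not a real email); 555-01xx is a fictional number.
SAMPLE_TOAD = """From: "PayPal Billing" <billing.dept4471@example.net>
Subject: Invoice 88213 - your transaction was processed
Content-Type: text/plain

Your PayPal account was charged $489.99. If you did not authorize this
transaction, call our support desk at (201) 555-0142 within 24 hours.
"""

def toad_indicators(raw_message):
    """Return the TOAD indicators found in one RFC 5322 message."""
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    parts = [p for p in msg.walk() if not p.is_multipart()]
    body = " ".join(p.get_payload(decode=True).decode(errors="replace")
                    for p in parts if p.get_content_type() == "text/plain")
    text = f"{display} {msg.get('Subject', '')} {body}".lower()
    hits = []
    for brand, domains in BRAND_DOMAINS.items():
        legit = any(domain == d or domain.endswith("." + d) for d in domains)
        if brand in text and not legit:
            hits.append(f"brand-mismatch:{brand}")  # claims a brand, sent from elsewhere
    if PHONE_RE.search(body):
        hits.append("callback-number")  # the victim is asked to place the call
    if BILLING_RE.search(text):
        hits.append("billing-lure")
    if not re.search(r"https?://", body, re.I):
        hits.append("no-links")  # nothing for URL reputation checks to score
    if any(p.get_filename() for p in parts):
        hits.append("attachment")  # e.g. the attached invoice
    return hits

def is_toad_suspect(raw_message):
    """Flag for review: brand impersonation plus a callback number."""
    hits = toad_indicators(raw_message)
    return "callback-number" in hits and any(h.startswith("brand-mismatch") for h in hits)

if __name__ == "__main__":
    print(toad_indicators(SAMPLE_TOAD), is_toad_suspect(SAMPLE_TOAD))
```

A message that trips the flag is a candidate for quarantine or a user-facing banner, not a verdict; the callback number only appears in text bodies here, so numbers embedded in an attached invoice would need separate extraction.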

Recommendations

The NJCCIC advises against responding to unexpected emails from unverified senders. Users who receive this or similar messaging should contact the associated company by phone using the official phone number found on its website. The NJCCIC also reminds users that legitimate customer support will never request account credentials or unnecessary sensitive information over the phone. Users who have submitted account credentials on a fraudulent website or over the phone are advised to change their password and enable MFA. Additionally, phishing emails and other malicious cyber activity can be reported to the FBI’s IC3 and the NJCCIC. Additional information can be found in the Keepnet Labs blog post.

New Jersey Cybersecurity & Communications Integration Cell

2 Schwarzkopf Dr, Ewing Township, NJ 08628

njccic@cyber.nj.gov

OUR COMMITMENT

The NJCCIC is a component organization within the New Jersey Office of Homeland Security and Preparedness. We are the State's one-stop-shop for cyber threat analysis, incident reporting, and information sharing and are committed to making New Jersey more resilient to cyber threats by spreading awareness and promoting the adoption of best practices.
