A TOAD (Telephone-Oriented Attack Delivery) attack is a type of cyberattack where attackers use phone calls to trick victims into compromising their security or revealing sensitive information, often in conjunction with initial phishing emails or texts. These attacks leverage the trust people often place in strangers who call and claim authority.
Here is how it plays out;
- You get text messages or emails pretending to be a legit organization. Often containing a fake invoice or alerts about your accounts
- The message directs you to call a number for assistance.
- When you get the scammer on the phone – you get connected to a fake call centre. The scammer then tells you to install software on your computer, or tricks you into providing personal information.
- Now that you have installed the software – they can now get access to your computer. Leading to various threats like taking your data, ransomware or further attacks. If they get your personal information, they can use it to perform other acts as you. Like logging into your bank account.
TOAD attacks are very sophisticated attacks that use multiple means of communication to compromise you or your information. This isn’t just a link that you click on in an email. It is a multifaceted attack, highly coordinated attack that involves emails, texts, phone calls. Combined to get you to provide personal information, or install malicious software on your computer.
Always use caution, and remember the 4 P’s. Scams can come in many forms, and not just by clicking a link on a website, or in an email.