PDF Scams Are Back With Fake Support Numbers

Has a suspicious-looking email with a PDF attachment containing a phone number to call “tech support” landed in your inbox recently? If so, you are likely the target of the latest iteration of a sophisticated phishing attack. According to Cisco Talos (they keep an eye on this stuff), there's a new wave of PDF scams hitting inboxes right now, and the bait is more convincing than ever.

From early May to early June 2025, researchers observed a sharp increase in phishing scams disguised as notifications from trusted companies, including Microsoft, Adobe, and DocuSign. But instead of the usual “click here to log in” tactic, these scammers are switching things up. They’re using a method called callback phishing, and it’s catching people off guard.

What Is Callback Phishing?

When you see advice on how to avoid becoming the victim of phishing, it almost always recommends calling the email sender to confirm that the message came from them. The new PDF scams attempt to exploit the trust that comes from interacting with a real person.

Here’s how they work: You receive an email with a PDF attached that appears to be from a well-known tech brand. Inside the document, there’s a message indicating an issue with a pending transaction, such as a subscription renewal, along with a phone number to call for assistance.

Seems harmless, right? You’re just making a call, not clicking on anything sketchy. Unfortunately, that’s exactly what the scammers want you to think.

Once you call, you’ll connect to a fake customer service rep who sounds professional and helpful. They may ask for sensitive information, like account credentials or payment details, or walk you through installing remote access tools or malware disguised as a solution to your so-called problem.

Why These PDF Scams Are So Dangerous

This new wave of tech support fraud is especially sneaky because it doesn’t rely on you clicking anything dangerous. The PDF files themselves might not contain malware, but they act as a launchpad for a social engineering attack. The real danger comes when you dial the number and fall into the trap.

By impersonating trusted companies and assuming the role of a fake customer service agent, attackers can quickly establish credibility. And since many people handle account issues over the phone, it’s easy to see how the criminals can mislead someone.

How To Protect Your Business

Recognizing that these scams are becoming increasingly prevalent is the first step in combating them. You can also protect your business by:

  • Not trusting PDF attachments from unknown senders, especially ones urging you to call a number.
  • Never calling support numbers listed in unsolicited emails or documents.
  • Verifying contact information directly from the company’s official website.
  • Training staff to recognize signs of phishing scams and tech support fraud.
  • Using security software that scans email attachments for document malware.
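
An added example, not part of the original article or any vendor's product: a Python heuristic a mail gateway could apply to text already extracted from a PDF attachment, flagging the combination described above (a phone number, an instruction to call, and a transaction lure or an impersonated brand). The brand-to-domain map, keyword lists, function names and sample messages are assumptions constructed for illustration.

```python
import re

# Brands named in the article; the domain sets are assumptions for this example.
BRAND_DOMAINS = {
    "microsoft": {"microsoft.com"},
    "adobe": {"adobe.com"},
    "docusign": {"docusign.com", "docusign.net"},
}
# Separators are required so bare 10-digit invoice numbers do not match.
PHONE_RE = re.compile(r"(?<!\d)(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4}(?!\d)")
CALL_RE = re.compile(r"\b(?:call|dial|phone)\b", re.I)
LURE_RE = re.compile(
    r"\b(?:subscription|renewal|invoice|charged?|transaction|refund)\b", re.I)


def sender_is_brand(sender_domain, allowed):
    """True if the sender domain is an allowed domain or a subdomain of one."""
    s = sender_domain.lower().rstrip(".")
    return any(s == d or s.endswith("." + d) for d in allowed)


def score_attachment(sender_domain, pdf_text):
    """Score text already extracted from a PDF attachment (extraction not shown)."""
    reasons = []
    phones = PHONE_RE.findall(pdf_text)
    if phones:
        reasons.append("phone_number")
    if CALL_RE.search(pdf_text):
        reasons.append("call_to_action")
    if LURE_RE.search(pdf_text):
        reasons.append("transaction_lure")
    for brand, allowed in BRAND_DOMAINS.items():
        named = re.search(rf"\b{brand}\b", pdf_text, re.I)
        if named and not sender_is_brand(sender_domain, allowed):
            reasons.append(f"brand_mismatch:{brand}")
    mismatch = any(r.startswith("brand_mismatch") for r in reasons)
    # Quarantine only when a number to call is paired with a lure or a spoofed brand.
    flag = bool(phones) and "call_to_action" in reasons and (
        "transaction_lure" in reasons or mismatch)
    return {"flag": flag, "reasons": reasons, "phones": phones}


# Constructed samples (fictitious 555-01xx numbers and .example domains).
LURE = ("Microsoft 365 subscription renewal: your card will be charged $349.99 "
        "today. If you did not authorize this transaction, call our support "
        "team at +1 (808) 555-0142 within 24 hours.")
VENDOR = "Quote attached. Questions? Call Dana at 808-555-0199."
GENUINE = "Your Adobe invoice is attached. Sign in to your account to manage your plan."
```

A flagged attachment is a candidate for quarantine or a warning banner, not proof of fraud; the ordinary vendor sample shows why a phone number alone is not enough to flag.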

PDF scams are evolving, and attackers are getting smarter. By remaining vigilant and cautious, you can safeguard your business against these emerging threats. When in doubt, don’t click and don’t call; just delete.

Used with permission from Article Aggregator