Report by Talos

PDFs: Portable documents, or perfect deliveries for phish?

5 Findings · Published Jul 2, 2025

Key Findings

Most phone numbers found in email threats leveraging the TOAD social engineering technique are Voice over Internet Protocol (VoIP) numbers.

Talos · PDFs: Portable documents, or perfect deliveries for phish? · Jul 2, 2025
Phishing, TOAD

NortonLifeLock, PayPal, and Geek Squad were among the most impersonated brands in TOAD emails with PDF attachments.

Phishing, TOAD, PDF, Impersonation

Microsoft and Docusign were among the most frequently impersonated brands in phishing emails with PDF attachments.

Phishing, TOAD, PDF, Impersonation

A significant portion of email threats with PDF payloads persuade victims to call adversary-controlled phone numbers, employing Telephone-Oriented Attack Delivery (TOAD) or callback phishing.

Phishing, TOAD

Phone numbers are sometimes reused on consecutive days in TOAD attacks.

Phishing, TOAD