The Fortra Intelligence and Research Experts (FIRE) team have uncovered a new phishing tactic that abuses legitimate GitHub notification emails to deliver vishing scams. The research shows how attackers are using trusted infrastructure to get malicious messages into inboxes.
Key findings:
- Attackers hide vishing lures in GitHub commit messages, which generate legitimate notification emails from noreply@github.com.
- Researchers say this is the first observed use of GitHub commit messages to distribute vishing scams.
- Notifications are forwarded through Microsoft 365, helping the messages pass authentication checks and evade filters.
- The lures impersonate brands such as PayPal and Norton and urge victims to call fake support numbers.
The report is published here: https://www.fortra.com/blog/threat-actors-abuse-github-notifications-to-deliver-vishing-attacks
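Because these notifications really do come from noreply@github.com and pass authentication checks, sender reputation does not help, and a mail filter has to look at the content. The triage heuristic below is an added example, not code from the Fortra report. The brand list comes from the key findings above, while the phone-number pattern, the call-to-action word list and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

BRANDS = ("paypal", "norton")  # brands named in the key findings
# Assumed heuristics, not from the report: loose phone pattern, call-to-action words.
PHONE = re.compile(r"(?<!\w)\+?\d{0,2}[\s.(-]*\d{3}[\s.)-]*\d{3}[\s.-]*\d{4}(?!\w)")
CALL_WORDS = re.compile(r"\b(call|dial|contact|helpline|support)\b", re.I)

def body_text(msg):
    """Decode and join every text/plain part of the message."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)

def lure_signals(raw_email):
    """Return the lure traits found in a notification from noreply@github.com."""
    msg = message_from_string(raw_email)
    if parseaddr(msg.get("From", ""))[1].lower() != "noreply@github.com":
        return []  # only GitHub notifications are in scope here
    # The first line of a commit message can surface in the subject, so scan both.
    text = msg.get("Subject", "") + "\n" + body_text(msg)
    signals = ["brand:" + b for b in BRANDS if b in text.lower()]
    if PHONE.search(text):
        signals.append("phone-number")
    if CALL_WORDS.search(text):
        signals.append("call-to-action")
    return signals

def is_suspect(raw_email):
    """Flag when a phone number appears with a brand name or a call-to-action."""
    signals = lure_signals(raw_email)
    return "phone-number" in signals and len(signals) > 1

# Constructed samples: addresses, repo names and the 555 number are made up.
LURE = """From: GitHub <noreply@github.com>
Subject: [example-org/example-repo] Invoice update (abc1234)

PayPal notice: a charge of 499.99 USD was approved.
To cancel, call support at +1 (888) 555-0100.
"""
BENIGN = """From: GitHub <noreply@github.com>
Subject: [example-org/example-repo] Fix parser bug (def5678)

Fix off-by-one error in the tokenizer loop.
"""
```

A hit is a reason to quarantine for review rather than proof of abuse, since an ordinary commit message can mention a brand or a phone number.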
This entry was posted on March 9, 2026 at 11:15 am and is filed under Commentary with tags Fortra. You can follow any responses to this entry through the RSS 2.0 feed.
Threat Actors Abuse GitHub Notifications to Deliver Vishing Attacks