There is a new AI vishing tool in town called ATHR that is changing how Telephone-Oriented Attack Delivery (TOAD) attacks work. Researchers at Abnormal have brought attention to ATHR, a platform that automates voice phishing attacks using AI.
TOAD is a form of social engineering where, instead of using malicious links or attachments, the attacker sends an email that contains only a phone number.
These emails are usually designed to create urgency that would prompt the recipient to call. Once the target makes that call, the attack shifts from email to voice, which is where the real compromise happens. During the conversation, the victim may be guided to install remote access software or share sensitive information.
Running this type of attack at scale typically requires multiple tools, from email delivery systems to call infrastructure and phishing panels. This setup requires time and some level of sophisticated technical ability.
ATHR removes this setup complexity by combining the entire process into a single system. Instead of relying on separate tools to carry out the multi-phase attack, attackers can manage the full attack chain in one place.
ATHR’s Dashboard
Source: Abnormal
The malicious operation is advertised on underground forums for $4,000 plus a 10% commission on profits.
The ATHR attack chain includes the following steps:
- Lure Creation: ATHR provides pre-built email templates that mimic messages from trusted companies. These emails can be customized for each target, making them more convincing. The platform supports major services like Google, Microsoft, Coinbase, Binance, Gemini, Crypto.com, Yahoo, and AOL.
- Email Delivery: The attacker sends a realistic-looking email, often including details like timestamps, locations, or recent activity. Because it contains no suspicious links, it can bypass many traditional email security filters.
- Callback Initiation: The recipient is prompted to call the number in the email. The call is routed through infrastructure similar to legitimate call centres.
- Social Engineering via AI or Human Agent: The call is handled either by a human operator or an AI voice agent. These agents follow scripted scenarios, for instance a fake account recovery process, to build trust step by step.
- Credential Extraction: During the interaction, the victim may be asked to provide login details or a verification code.
- Real-Time Data Capture: As the victim provides information, ATHR captures it instantly through integrated phishing panels. Attackers can monitor the session live and adjust their approach as needed.
AI Agent Script Builder
Source: Abnormal
All of this is managed through the centralised dashboard, where attackers can send emails, handle calls, and track results. This also allows them to quickly refine their tactics when needed, for example by adjusting email templates if they are not getting enough responses.
With new “as-a-service” tools like ATHR, the barrier to entry for conducting TOAD attacks is lowered. What once required multiple systems and coordination can now be handled by a single operator.
Overall, this shift toward integrated and automated platforms makes these attacks easier to scale and more difficult to detect. Because these attacks rely on phone calls and social engineering, traditional email security methods like scanning for links or attachments are not enough on their own. Awareness and behavioural detection become more important in identifying them.
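A behavioural check of the kind the closing paragraph calls for, as an added example that is not from the original article or from Abnormal's research: it scores a message on the TOAD shape described above (a phone number as the only call to action, a named brand that does not match the sender domain, urgency wording). The function names, the brand-to-domain mapping and the sample messages are assumptions made for this sketch.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Brands the article lists as ATHR lure templates, mapped to sender domains
# assumed legitimate for this sketch (assumption: replace with your own list).
BRANDS = {"google": "google.com", "microsoft": "microsoft.com", "yahoo": "yahoo.com",
          "coinbase": "coinbase.com", "binance": "binance.com", "aol": "aol.com",
          "gemini": "gemini.com", "crypto.com": "crypto.com"}
PHONE = re.compile(r"(?<!\d)(?:\+?\d{1,3}[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}(?!\d)")
URL = re.compile(r"https?://|www\.", re.I)
URGENCY = re.compile(r"\b(immediately|urgent|suspended|unauthori[sz]ed|unusual (?:sign-in|activity))\b", re.I)

def toad_signals(raw):
    """Return the set of callback-phishing signals found in one raw RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part else ""
    name, addr = parseaddr(str(msg["From"] or ""))
    domain = addr.rpartition("@")[2].lower()
    text = f"{name} {msg['Subject'] or ''} {body}".lower()
    signals = set()
    # The phone number is the only call to action: no link, no attachment.
    if PHONE.search(body) and not URL.search(body) and not list(msg.iter_attachments()):
        signals.add("callback_only")
    # A listed brand is named, but the sender domain is not that brand's.
    for brand, legit in BRANDS.items():
        named = re.search(r"\b" + re.escape(brand) + r"\b", text)
        if named and domain != legit and not domain.endswith("." + legit):
            signals.add("brand_mismatch")
    if URGENCY.search(text):
        signals.add("urgency")
    return signals

def is_suspect(raw):
    """Flag only when the callback-only shape is backed by a second signal."""
    s = toad_signals(raw)
    return "callback_only" in s and len(s) >= 2

# Constructed sample messages (not real traffic).
LURE = ('From: "Coinbase Support" <alerts@mail-notify.example>\n'
        'Subject: Unusual sign-in to your Coinbase account\n\n'
        'Sign-in from a new device at 03:14 UTC. If this was not you,\n'
        'call our security team immediately at +1 (555) 010-0199.\n')
BENIGN = ('From: Dana <dana@example.org>\nSubject: Lunch\n\n'
          'Call me on 555-010-0123 when you are free.\n')

if __name__ == "__main__":
    print({k: is_suspect(v) for k, v in (("lure", LURE), ("benign", BENIGN))})
```

Requiring a second signal keeps ordinary mail that merely contains a phone number from being flagged; treat a hit as a reason for review, not a verdict.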




