BazarCall Scams: Call Centers Playing A Roll In Phishing & Ransomware Attacks

BazarCall Scams: Call Centers Playing A Roll In Phishing & Ransomware Attacks

View On WordPress

BazaCall Phishing Scammers Now Leveraging Google Forms for Deception

Source: https://thehackernews.com/2023/12/bazacall-phishing-scammers-now.html

More info: https://abnormalsecurity.com/blog/bazarcall-attack-leverages-google-forms

BazaCall Phishing Scam

The BazaCall phishing scam, now using Google Forms, presents a new challenge in cybersecurity. Here's a revised explanation with solutions:

BazaCall, a phishing scam, has started using Google Forms to trick people. You might get an email that looks like it's from a service you use, like Netflix, asking you to call for a subscription issue. The scam is when they try to get remote access to your computer over the phone.

They use Google Forms to seem more legitimate and collect your information. These forms can bypass some email security because they come from a Google email address. The forms also have URLs that keep changing, which makes it hard for usual security tools to spot them.

To combat this, here are some solutions:

Be Skeptical of Unsolicited Contacts: If you get an email asking you to call about a subscription, be cautious. Verify the contact details independently, not from the email.

Educate About Phishing: Regular training and updates about new phishing tactics, like BazaCall, can help people recognize and avoid these scams.

Use Advanced Email Filtering: Employ email security systems that go beyond standard filters. Look for those that can analyze email behavior and assess the trustworthiness of links.

Regular Security Updates: Keep your security software and systems up to date to protect against known vulnerabilities.

Multi-Factor Authentication (MFA): Using MFA can add an extra layer of security, even if someone gets hold of your credentials.

BazaCall Phishing Scammers Now Leveraging Google Forms for Deception

The Hacker News : The threat actors behind the BazaCall call back phishing attacks have been observed leveraging Google Forms to lend the scheme a veneer of credibility. The method is an "attempt to elevate the perceived authenticity of the initial malicious emails," cybersecurity firm Abnormal Security said in a report published today. BazaCall (aka BazarCall), which was first http://dlvr.it/T05R1t Posted by : Mohit Kumar ( Hacker )

BazaCall Phishing Scammers Now Leveraging Google Forms for Deception

http://i.securitythinkingcap.com/T05Hfx

BazarCall Callback Phishing Attacks Constantly Evolving Its Social Engineering Tactics

The operators behind the BazaCall call back phishing method have continued to evolve with updated social engineering tactics to deploy malware on targeted networks. The scheme eventually acts as an entry point to conduct financial fraud or the delivery of next-stage payloads such as ransomware, cybersecurity company Trellix said in a report published last week. Primary targets of the latest https://thehackernews.com/2022/10/bazarcall-callback-phishing-attacks.html?utm_source=dlvr.it&utm_medium=tumblr

18 de Octubre, 2021

Internacional

Expanden los canales de distribución de Malware

Los operadores detrás del pernicioso malware TrickBot han resurgido con nuevos trucos que tienen como objetivo aumentar su presencia mediante la expansión de sus canales de distribución, lo que en última instancia conduce al despliegue de ransomware como Conti. El actor de amenazas, al que se le ha seguido los nombres de ITG23 y Wizard Spider, se asocia con otras bandas de ciberdelincuencia conocidas como Hive0105, Hive0106, lo que se suma a un número creciente de campañas en las que los atacantes están apostando entregar malware propietario.

 E.@. Desde que surgió en el panorama de las amenazas en 2016, TrickBot ha evolucionado de un troyano bancario a una solución de crimeware modular basada en Windows, mientras que también se destaca por su capacidad de recuperación, demostrando la capacidad de mantener y actualizar su conjunto de herramientas e infraestructura a pesar de los múltiples esfuerzos de las fuerzas del orden. y grupos de la industria para eliminarlo. Además de TrickBot, al grupo Wizard Spider se le atribuye el desarrollo de BazarLoader y una puerta trasera llamada Anchor.

Si bien los ataques montados a principios de este año se basaron en campañas de correo electrónico que entregaban documentos de Excel y una artimaña del centro de llamadas denominada " BazaCall " para entregar malware a los usuarios corporativos, las intrusiones recientes que comenzaron alrededor de junio de 2021 se caracterizaron por una asociación con dos afiliados de delitos cibernéticos para aumentar su infraestructura de distribución. aprovechando los hilos de correo electrónico secuestrados y los formularios de consulta de clientes de sitios web fraudulentos en los sitios web de la organización para implementar cargas útiles de Cobalt Strike.

En una cadena de infección observada por IBM a fines de agosto de 2021, se dice que el afiliado de Hive0107 adoptó una nueva táctica que consiste en enviar mensajes de correo electrónico a las empresas objetivo informando que sus sitios web han estado realizando ataques distribuidos de denegación de servicio (DDoS) en sus servidores, instando a los destinatarios a hacer clic en un enlace para obtener pruebas adicionales. Una vez que se hace clic, el enlace descarga un archivo ZIP que contiene un descargador de JavaScript (JS).

 Fuente

RT @TheHackersNews: #Microsoft has issued a warning about an ongoing malicious campaign employs uses fake call centers to trick users into downloading BazaLoader #malware that can sniff data and install #ransomware. Read details: https://t.co/TbrO2Ru6qX #BazaCall #hacking #infosec #cybersecurity (via Twitter http://twitter.com/TheHackersNews/status/1421346933222690818)

Microsoft warns: These attackers can go from first contact to launching ransomware in just 48 hours

Microsoft warns: These attackers can go from first contact to launching ransomware in just 48 hours

Microsoft is warning that the BazarCall (or Bazacall) call center malware operation is actually more dangerous than first thought, with initial attacks potentially leading to ransomware attacks within 48 hours.    The group had been targeting Office 365/Microsoft 365 customers with phishing email regarding ‘expiring’ bogus trial subscriptions that dupe the target into calling a call center to…

View On WordPress

Microsoft, allarme per il virus “atipico”: come funziona la truffa informatica - QuiFinanza

Microsoft, allarme per il virus “atipico”: come funziona la truffa informatica – QuiFinanza

#Cloudcity | #ITNews | @SilvioTorre https://quifinanza.it/innovazione/video/microsoft-virus-informatico-cobalt-strike-bazacall/504675/ Microsoft, allarme per il virus “atipico”: come funziona la truffa informatica  QuiFinanza

View On WordPress

BazarCall Callback Phishing Attacks Constantly Evolving Its Social Engineering Tactics

The Hacker News : The operators behind the BazaCall call back phishing method have continued to evolve with updated social engineering tactics to deploy malware on targeted networks. The scheme eventually acts as an entry point to conduct financial fraud or the delivery of next-stage payloads such as ransomware, cybersecurity company Trellix said in a report published last week. Primary targets of the latest http://dlvr.it/SZvlS1 Posted by : Mohit Kumar ( Hacker )

#Microsoft has issued a warning about an ongoing malicious campaign employs uses fake call centers to trick users into downloading BazaLoader #malware that can sniff data and install #ransomware. Read details: https://t.co/TbrO2Ru6qX #BazaCall #hacking #infosec #cybersecurity (via Twitter http://twitter.com/TheHackersNews/status/1420992801274171398)