In June, Microsoft Security Intelligence drew attention to BazaCall, a phony call center scam dedicated to spreading ransomware and making a quick dime off of victims’ suffering. Now, Microsoft is back with another update. According to the tech giant, BazaCall is more serious than tech blogs and the media have reported, including reports based on Microsoft’s own findings.
How dangerous is the BazaCall campaign’s associated malware, exactly? Here’s how Microsoft describes it:
“Apart from having backdoor capabilities, the BazaLoader payload from these campaigns also gives a remote attacker hands-on-keyboard control on an affected user’s device, which allows for a fast network compromise. In our observation, attacks emanating from the BazaCall threat could move quickly within a network, conduct extensive data exfiltration and credential theft, and distribute ransomware within 48 hours of the initial compromise.”
In summary: If you fall for the BazaCall scam email and proceed with the next step, which involves following a phony call center rep’s instructions, you’ll be giving attackers interactive, hands-on-keyboard control of your device and a free pass to steal your data and credentials, and you’ll be leaving the door wide open for ransomware distribution within two days of getting got.
That’s a lot of damage within a tiny 48-hour window! And the attackers aren’t just interested in getting ransomware onto a single device; they’ll go after networks if they see an opening. So once a machine is compromised, assume that things are about to get a lot worse than just that one machine being held hostage.
What makes the scam so crafty is that the email that kicks it off isn’t inherently dangerous; the danger lies in the phone call afterward. If the scammers have convinced you to call them voluntarily, that bodes poorly for your odds of evading the trap’s final steps.