Criminals are increasingly using call centers to carry out cyber attacks and also infect their victims with malware after sending them for the first time with Paypal invoices and even tickets to the next Justin Bieber world tour as claims, specialists have warned. The company's security researchers have observed an increase in attacks that rely on victims calling scammers directly and also beginning the interaction after receiving an email with their number, according to a new report from Proofpoint. However, there are 2 types of attacks, one that uses free shadow support software to steal money, while the other, which is commonly associated with BazaCall, uses BazaLoader malware disguised as a document to compromise the victim's computer and access to your accounts.
Counterfeit Bieber
In recent attacks, threat actors have begun sending emails to victims claiming to be representatives of Justin Bieber ticket vendors, computer security services, Covid-XNUMX relief funds, or online retailers with the promise of refunds for incorrect purchases, software upgrades or financial support. . These emails have a customer service number, but when a victim asks for help, she is connected to a malicious assistant from the call center who starts the attack. The clever thing about this new attack procedure is that by asking victims to call on their own, criminals can bypass some automatic threat detection services that are only capable of flagging them as malicious links or email attachments.
Decoy call center
One of Proofpoint's researchers recently identified a financially motivated telephone attack delivery (TOAD) threat that mimicked a Paypal invoice from a US weapons manufacturer. After calling the number on the bill, the scholar was asked to download AnyDesk and also log into his checking account. With Justin Bieber's XNUMX Global Justice Tour scheduled to kick off in February next year, Proofpoint said it has seen the Canadian pop star frequently used as a claim associated with BazaCall threats. After calling the number on a fake bill of entry, the company's scholar was put on hold with Bieber's music playing in the background. At the time the scammer went online, they claimed that someone had placed an order by fault on the scholar's credit card and by going to ziddatcom/code.exe, a refund may occur. After visiting the site, the BazaLoader malware was successfully downloaded to the scholar's virtual machine. What makes call center-based email threats so dangerous is that the criminals behind them do not particularly target victims based on demographics, usage, or location, but rather get their contact details from legitimate data brokers or other telemarketing resources. Proofpoint knows that the victims have lost nearly $XNUMX in an attack, and the threat actor is posing as a NortonLifeLock representative. Aside from Paypal and Justin Bieber, call center-based email threat campaigns frequently impersonate a number of popular brands, including Norton, MacAfee, eBay, GeekSquad, Santander Bank, Amazon, Symantec, and more. To avoid falling victim to this type of attack, users should continue to be vigilant when checking their emails and avoid calling the phones contained in suspicious emails, especially in the case of items that are subject to suspicion. 'That they did not acquire. Safeguard your identity and data online with the best antivirus software, malware removal software, and identity theft protection tools.