Ransomware’s been the star of scary headlines lately — and for good reason. First, a cybercrime gang took over the Colonial Pipeline’s servers, prompting the fuel supplier to shut down 5,500 miles of its services. Here’s how this online attack crippled gasoline delivery on the East Coast.
This attack was like throwing a boulder in an ocean: Water rippled outwards, causing waves in countless sectors. Shortly after this, ransomware attacked JBS USA, causing meat prices to go up. Next, the FBI and the Department of Justice tracked down Colonial Pipeline’s Bitcoin payment to the cybercriminals on June 7.
Crypto investors scrambled in the aftermath, worried about how this would impact future investments. If a ransomware attack can cause chaos in enormous, powerful industries, imagine the damage one could do to you. Unfortunately, one scary new scam tries to wiggle into your life — and take you down from the inside. Microsoft’s cybersecurity researchers are fighting back to keep you safe, but you should prepare to protect yourself.
Here’s how the scam works
You may receive an email that says your trial subscription is expired. You’ll have to pay a monthly fee unless you call a number to cancel the trial, it claims.
“Trial subscription for what?” you might wonder. Of course, there’s no clarification — the email senders are banking on you to panic and call them up for answers.
So you dial the number and start speaking with someone you think is a call center operator. In reality, they’re a highly trained criminal who convinces you to install a program called BazarLoader onto your PC. It will help, they say. In fact, it’s a malware loader used to implant ransomware onto your computer.
Threat Intelligence Analyst Bradley Duncan said the malware creates a backdoor into your Windows device.
“After a client is infected, criminals use this backdoor access to send follow-up malware, scan the environment and exploit other vulnerable hosts on the network.”
(Bradley Duncan, “BazarCall Method: Call Centers Help Spread BazarLoader Malware”)
Once your computer’s taken over by ransomware, you’re toast. Ransomware will lock your screen, so you can’t take any action. Then, thieves demand you pay a hefty sum for you to get your data back.
Good news: Microsoft’s fighting to keep you safe
BazarCall is the crime team behind this call center scam. After it started sending out phishing emails to Office 365 users, Microsoft’s Security Intelligence team took notice. Check out these examples of scammy emails sent to customers:
We’re tracking an active BazaCall malware campaign leading to human-operated attacks and ransomware deployment. BazaCall campaigns use emails that lure recipients to call a number to cancel their supposed subscription to a certain service.
— Microsoft Security Intelligence (@MsftSecIntel) June 22, 2021
If you want to stay up-to-date on this scam, Microsoft set up a public GitHub that shares new details about the BazarCall campaign.
It’s scary when you think about it. The attackers set up a whole fraudulent call center around this scheme. They might even tell you to download an Excel file or something else.
Bottom line: Watch out for emails that say your free trial subscription is over. If they say you need to cancel it over the phone — or else you’ll have to pay monthly fees — don’t give it another thought. It’s most likely a scam!
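For mail administrators, the lure traits described above (an expired trial, a threatened fee, a phone number to call to cancel, and no link to click) can be turned into a simple triage check. This is an added example, not code from Microsoft or from the article; the keyword lists, the threshold and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string

# Assumed keyword groups, derived from the lure traits the article describes.
SUBSCRIPTION = re.compile(r"\b(trial|subscription|membership)\b", re.I)
CHARGE = re.compile(r"\b(charged?|fees?|billed|renew(?:al|ed)?|pay(?:ment)?)\b", re.I)
CALL_TO_CANCEL = re.compile(
    r"\b(call|dial|phone)\b[^.\n]{0,80}\b(cancel|unsubscribe)\b"
    r"|\b(cancel|unsubscribe)\b[^.\n]{0,80}\b(call|dial|phone)\b", re.I)
PHONE = re.compile(r"(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]\d{3}[\s.-]\d{4}")
URL = re.compile(r"https?://|www\.", re.I)


def lure_traits(raw_message: str) -> dict:
    """Return which call-to-cancel lure traits appear in the subject and body."""
    msg = message_from_string(raw_message)
    if msg.is_multipart():
        body = "".join(p.get_payload() for p in msg.walk()
                       if p.get_content_type() == "text/plain")
    else:
        body = msg.get_payload()
    text = f"{msg.get('Subject', '')}\n{body}"
    return {
        "subscription": bool(SUBSCRIPTION.search(text)),
        "charge": bool(CHARGE.search(text)),
        "call_to_cancel": bool(CALL_TO_CANCEL.search(text)),
        "phone_number": bool(PHONE.search(text)),
        # These lures push the victim to the phone, so there is no link to scan.
        "no_links": not URL.search(text),
    }


def is_suspicious(raw_message: str, threshold: int = 4) -> bool:
    """Flag a message for review when enough traits co-occur (assumed threshold)."""
    return sum(lure_traits(raw_message).values()) >= threshold


# Constructed sample messages (fictional senders and 555 phone numbers).
LURE = ("From: billing@example.invalid\nSubject: Your trial subscription has expired\n\n"
        "Your free trial has ended. You will be charged $89.99 per month unless you "
        "cancel. To cancel, call 1-800-555-0199 today.\n")
RECEIPT = ("From: shop@example.invalid\nSubject: Your receipt\n\n"
           "Thanks for your payment. Manage your subscription at "
           "https://example.com/account\n")
NOTICE = ("From: office@example.invalid\nSubject: Office closed Friday\n\n"
          "Call the front desk at 212-555-0143 with questions.\n")

if __name__ == "__main__":
    for name, raw in (("lure", LURE), ("receipt", RECEIPT), ("notice", NOTICE)):
        print(name, is_suspicious(raw), lure_traits(raw))
```

A flag from this check is a reason to quarantine a message for review, not proof of fraud; legitimate billing notices can share several of these traits.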