Although it might sound like it, BazarCall is not the latest TikTok/social media trend. Despite its “fun” sounding name, it is in fact the latest attack method being used by cybercriminals to trick people into downloading malicious files onto their computers. It has been growing in popularity with hackers throughout 2022 and was responsible for 10% of malware incidents observed by CFC Underwriting in the last quarter.
How does a BazarCall work?
This new attack methodology uses a phishing email to trick the victim into phoning a call centre, rather than clicking a link. On the call, they are instructed to download a malicious file that then infects their computer.
Why is it causing so much concern?
Although many companies now have cyber security measures in place, one reason the BazarCall methodology is proving so successful for hackers is that it doesn’t require users to click on a link (something you’d expect from a normal phishing email), which makes it easy to bypass the usual email security filters. Secondly, the BazarCall approach further weakens security controls by getting the user to download the malware themselves. In more typical cyber-attacks the hacker needs to penetrate the user’s network first.
Typically, businesses educating their employees on cyber awareness focus on phishing emails and social engineering but don’t often include warnings about phone-oriented attacks, making them more susceptible to BazarCalls.
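Because the email carries no link for a filter to inspect, detection has to key on the shape of the message instead. The following is an added example, not code from CFC Underwriting or the original article: a heuristic that flags external emails with no URLs, a phone number and a request to call. The regular expressions, function names and sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy

# Heuristic patterns (assumptions for this sketch; tune for your own mail flow).
URL_RE = re.compile(r"(?:https?://|www\.)\S+", re.I)
PHONE_RE = re.compile(r"(?<!\w)\+?\d[\d\s().-]{7,}\d(?!\w)")
CALL_RE = re.compile(r"\b(?:call|phone|dial|ring)\b", re.I)

def body_text(msg):
    """Join all non-attachment text parts; raw HTML is kept so href links count."""
    return "\n".join(
        part.get_content()
        for part in msg.walk()
        if part.get_content_maintype() == "text" and not part.is_attachment()
    )

def callback_phish_signals(raw, internal_domains):
    """Return the individual signals plus an overall 'flag' for one raw email."""
    msg = message_from_string(raw, policy=policy.default)
    text = body_text(msg)
    addrs = msg["From"].addresses if msg["From"] else ()
    sender_domain = addrs[0].domain.lower() if addrs else ""
    signals = {
        "external_sender": sender_domain not in internal_domains,
        "no_links": URL_RE.search(text) is None,
        "phone_number": PHONE_RE.search(text) is not None,
        "asks_to_call": CALL_RE.search(text) is not None,
    }
    signals["flag"] = all(signals.values())  # every signal must be present
    return signals

# Constructed sample messages (not real traffic).
SAMPLE_CALLBACK = """\
From: Support Desk <support@example.net>
To: user@example.com
Subject: Account notice

There is a problem with your account.
Please call our support desk on +1 (555) 010-0199 to resolve it.
"""
SAMPLE_LINK = """\
From: Support Desk <support@example.net>
To: user@example.com
Subject: Account notice

Click https://example.org/login to review your account.
"""

if __name__ == "__main__":
    for name, raw in (("callback", SAMPLE_CALLBACK), ("link", SAMPLE_LINK)):
        print(name, callback_phish_signals(raw, {"example.com"}))
```

Plenty of legitimate mail also contains a phone number and no link, so a match is better used to add a warning banner or queue the message for review than to block it outright.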
How can I protect my business from BazarCall?
Advice from CFC Underwriting on protecting your business against these types of attacks includes:
- Employee security awareness training: The majority of cyber attacks are the result of human error, particularly employees who inadvertently click on malicious links or fall victim to social engineering. Carry out regular security awareness training with your employees and ensure it covers all types of social engineering attacks
- Keep all software and firmware up to date: Every device needs antivirus software. If an employee downloads a malicious application like the one from BazarCall, or if an application becomes infected, antivirus software along with modern, up-to-date firewalls will help to secure the device and remove the infection
- Implement multifactor authentication (MFA) on all remote connections: MFA can help reduce the amount of movement and privilege hackers can achieve within your systems. Even if your password is in the hands of the criminals, it is unlikely they will have your other forms of verification too
This article provides more information about BazarCall and a transcript of an example conversation between a victim and a hoax call centre.