What is BazarCall?
BazarCall, also known as call back phishing, is a method used by cybercriminals to target victims in elaborate ways.
The threat actor typically does the following
- Sends a legitimate-looking email to targets, pretending they have subscribed to a service with automatic payment.
- The email contains a phone number. There is no other way to reach the subscription service other than making a phone call.
- Victims call the number and are convinved by the threat actor to allow remote control of their desktop to help them cancel without any stress.
- Once complete the threat actor has a functional backdoor to the victims computer.
How to protect from this threat?
The initial email sent by the attackers should already raise suspicion. While it impersonates legitimate services, it is sent from third party email services, often contains some mistakes in its content or form and only one form of contact (usually a phone number) is provided.
Email security solutions should be deployed in order to detect such phishing emails, in addition to antivirus and security software.
No user should ever provide remote desktop access to anyone who is not truly identified and trusted.
All operating systems and software should always be up to date and patched, to prevent from being compromised by a common vulnerability.
Source: Article here