CFC, a specialist provider in the cyber insurance market, delivered a warning about an emerging method of ransomware attack targeting small businesses.
According to CFC’s in-house cyber threat analysis team, the attack method– known as “BazarCall” has been growing in use among well-known ransomware groups and is responsible for an increasing number of malware infections observed by CFC over the past three months.
Rather than tricking victims into clicking a link in a phishing email, the BazarCall method subverts common cyber security controls by using a phishing email to instead trick victims into phoning a call center. Callers are then instructed them to download malicious software and infect their own computers.
From there, the hackers can carry out their ransomware attacks undetected.
“Making the victim do all the heavy lifting is a notable shift from the more traditional hacking attack vectors” said Tom Bennett, CFC’s cyber threat analysis team leader, in a media statement. “Unfortunately most workplace education around phishing emails doesn’t warn about this type of social engineering, so it represents a significant new threat,” he said.
According to Bennett, BazarCall accounted for nearly 10 percent of the malware incidents CFC has detected across its own portfolio over the last three months, but to date the company has been able to prevent cyber claims stemming from these infections.
To do so, CFC’s cyber threat analysis team proactively detects threats and intervenes on behalf of its cyber customers: in the case of BazarCall, CFC’s team can identify whether a specific victim at the organization has received the BazarCall phishing email; whether that victim has called the phone number within the email; and if the malware has been installed on their system.