At least three groups of cybercriminals, oblivious to each other, have started using the ransomware Conti for your BazarCall phishing tactics. This cyberattack method has become the primary method they use to gain access to their victims’ network.
The BazarCall method is also known as the fraud of the callback, which was detected in early 2021. Previously, they used Ryuz ransomware for their criminal operations, but this has been renamed to Conti.
The virus responsible for ‘hijacking’ data is difficult to detect and stop due to social engineering. LMost of the time, attackers target these cybercrimes at company or agency workers.
What is the callback scam?
First, cybercriminals often send a email about a supposed subscription that the user is paying for. The message falsely details that it is about to renew automatically and that, if you want to cancel, the recipient must call a specific number.
Those who fall into the trap and call the number provided in the email are actually calling the attacker who has social engineering. The cyber criminal convinces the victim to log in remote access through legitimate software which does not suspect his true intentions. While the scammer distracts the victim, he commits the web of him.
At the moment, three groups of cybercriminals are known to use Conti to perform the BazarCall method or a similar version: Silent Ransom Group, Quantum and Roy/Zeon.