Password stealing scams vary widely. Hackers can use a wide variety of tricks and strategies to achieve their goal. This time it is a combination of email and phone call . They want the victim to download malware to later have a free hand and steal their keys or launch a ransomware attack. We are going to explain what it consists of.
Phishing that combines calls and emails
The end goal is the same as always: trick a user into agreeing to install a program, log in, or download a file. In this way, the attacker may have the possibility of stealing passwords or installing malware with which to control the computer or even request a financial ransom, as is the case with ransomware .
On this occasion the victim receives an e-mail, a classic in online scams, in which they are told that they have a subscription on a payment platform and that to cancel it they have to call a phone number provided. The unsuspecting user may be alarmed and think that their account has been stolen or there has been some problem and someone has subscribed to that service.
Once you call on the phone, you find that you are told that to cancel the subscription you have to download a file. Those responsible for “telephone assistance” indicate the steps to follow until that user has downloaded and installed what is actually the payload of the malware.
Specifically, it is a supposed subscription to a Streaming service . Sure, nowadays it is very common for users to register on platforms such as Netflix or HBO. It is a reality that much personal data ends up on the Dark Web and can be used by third parties to steal information and carry out fraudulent subscriptions.
Once the victim follows the steps indicated in that phone call, download and install BazaLoader . What this threat does is create a back door in Windows. The attacker will have full control over the system and can deploy different strategies and sneak other varieties of malware.
Password theft, ransomware and full control
When the attacker has achieved his goal and the victim has installed BazaLoader, he can steal information, files and infect the computer in many different ways. One of those attacks can be to sneak ransomware , as is the case with Ryuk, which usually comes through this malicious software.
In this way the hacker will be able to profit. After all, ransomware is one of the most used strategies to infect computers and obtain an economic benefit later. Hence, it is essential to be protected.
But this trick can not only end in this particular campaign. On this occasion they indicate that the victim has subscribed to a trial of a Streaming platform and that they will later charge him if he does not cancel it previously. Similar strategies, also making use of a phone call, can end in a similar ending, with the access codes stolen or the computer infected with some variety of malware.
To avoid this, common sense will be essential. We must never make mistakes that could affect our safety. It is essential to know how to recognize a website as a Phishing attack, as well as having security programs that can protect us.
