Microsoft 365 Users Are Being Targeted in Latest Round of Phishing Attacks
“We're tracking an active BazaCall malware campaign leading to human-operated attacks and ransomware deployment,” MSI shared
Microsoft is warning Microsoft 365 users to beware of phishing emails claiming their “Free Trial Subscription” is due, urging users to call and cancel subscriptions before monthly fees begin.
The cybercriminal organization, Bazarcall, is using an elaborate scheme to trick Office users into allowing them backdoor access into their infected systems and deploying ransomware while the user is unaware of any of this happening.
Microsoft’s Security Intelligence Team (MSI) has outlined how the group is infiltrating Windows devices. Once users take action with their expiring free trial subscription email, they are directed to call into a call centre operator run by BazarCall in order to avoid monthly fees. "When recipients call the number, a fraudulent call center operated by the attackers instruct them to visit a website and download an Excel file in order to cancel the service. The Excel file contains a malicious macro that downloads the payload," Microsoft Security Intelligence explain.
Once the excel file is downloaded, the malware then provides backdoor access for the group to send follow-up malware that scans your environment, looking to exploit other vulnerabilities.
While MIS is currently focused on the group’s emails that are targeting Office 365 users, it is critical to warn employees that are using Windows devices to be aware of such schemes. Although MIS states that Microsoft 365 Defender is able to identify and defend from such fraudulent emails, things do fall between the cracks and it is ultimately left to users to either take action or ignore such requests. Combining cyber security awareness training with business grade cyber security tools further increases your staff’s ability to see through attempts such as these in order to keep your organization safe.
Do you need help protecting your staff with Microsoft 365 security?
Microsoft office products are widely used across most business making Microsoft 365 the most targeted platform. With concerning trends of exploiting businesses through email fraud and other hidden vulnerabilities in their Microsoft Office apps, it is important to know how you can protect your staff and your business to any potential threats for Microsoft 365.
Read more about Microsoft 365 Security Today