BazarCall Phishing Attacks Trending from Conti Affiliates
Industry: N/A | Level: Strategic | Source: AdvIntel
Researchers from AdvIntel discovered a resurgence of BazarCall social engineering tactics driven by Conti affiliates, since March 2022. "At the time of this post, three autonomous threat groups have since adopted and independently developed their own targeted phishing tactics derived from the call back phishing methodology." The three groups identified to use BazarCall tactics are Silent Ransom, Quantum, and Roy/Zeon. The BazarCall phishing scheme involves threat actors crafting an urgent email often themed as a message stressing the need to cancel a subscription before a charge is made to the user’s account. However, as opposed to web links or malicious attachments, recipients are provided a phone number to a call center where the agent will convince the victim to start a remote access session with them. BazarCall leaders created this scheme to revive phishing techniques that have appeared to become stale. AdvIntel's tracking BazarCall attacks by industry finds manufacturing entities as the most popular target followed by technology, finance, legal, and retail.