Microsoft, via its Security Intelligence account on Twitter, has issued a warning to Windows users of a new type of phishing scam that involves emails requesting users to dial a call center. They warn users to not dial the call center because following the instructions given by a human operator can lead to malware infections. The malware scam only works with Windows computers that have Microsoft Excel.
The new threat involves BazarLoader, a type of malware that allows backdoor access to infected computers. BazarLoader works by allowing criminals to sneak in through a hidden backdoor on a user’s computer, which allows them to install viruses or other types of malware. Over the past several years, criminals have used different methods to trick users into carrying out instructions that allow BazarLoader to infect their computer. In this new campaign, Microsoft reports that such criminals are using an email/call center approach.
The new approach involves an email sent to users. The email claims that a trial subscription is about to expire and that the user’s credit card is going to be used to automatically charge them unless they dial a specified number. If a user falls for the message and calls the center, a human being answers and claims that all they need to do is download a certain Excel spreadsheet.
Comments are closed.