Battling BazaCall BuzzKill
Security Unlocked
English - September 01, 2021 07:05 - 35 minutes - ★★★★ - 56 ratingsTechnology security security ai artificial intelligence machine learning microsoft microsoft security microsoft ai microsoft ml microsoft security ai nic fillingham Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
It's finally Friday. You successfully made it through another week and the weekend is so close you can taste it. You pour yourself a bowl of your favorite cereal, but before you can get that first bite your phone rings. It's a random number, but for some reason you're feeling chatty and decide to answer. Unfortunately, it's a robot that somehow knows your name and is asking for your social security number, home address, and password from that first AOL account you made in 1998! It’s easy to recognize classic scams like these, but some of the newer, creative scams can be more challenging to identify. One of these is called BazaCall, and they don’t call you – oh, no. BazaCall will have YOU calling THEM!
In this episode of Security Unlocked, host Natalia Godyla is re-joined by Microsoft Threat Analysts Emily Hacker and Justin Carroll to talk about a relatively new delivery method for malware and ransomware called BazaCall campaigns. They discuss the different delivery methods used, how attackers evade detection, and where the attack chain begins.
In This Episode You Will Learn:
What makes BazaCall campaigns unique from other email/phone scams
How the delivery system works
About a new technique called “double extorsion”
Some Questions We Ask:
What is the flow of the attack chain?
What are some new tactics used by BazaCall centers?
How can organizations mitigate attacks?
Resources:
BazaCall: Phony call centers lead to exfiltration and ransomware
View Emily on LinkedIn
View Justin on LinkedIn
View Natalia on LinkedIn
Related:
Listen to: Afternoon Cyber Tea with Ann Johnson
Listen to: Security Unlocked
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.
It's finally Friday. You successfully made it through another week and the weekend is so close you can taste it. You pour yourself a bowl of your favorite cereal, but before you can get that first bite your phone rings. It's a random number, but for some reason you're feeling chatty and decide to answer. Unfortunately, it's a robot that somehow knows your name and is asking for your social security number, home address, and password from that first AOL account you made in 1998! It’s easy to recognize classic scams like these, but some of the newer, creative scams can be more challenging to identify. One of these is called BazaCall, and they don’t call you – oh, no. BazaCall will have YOU calling THEM!
In this episode of Security Unlocked, host Natalia Godyla is re-joined by Microsoft Threat Analysts Emily Hacker and Justin Carroll to talk about a relatively new delivery method for malware and ransomware called BazaCall campaigns. They discuss the different delivery methods used, how attackers evade detection, and where the attack chain begins.
In This Episode You Will Learn:
What makes BazaCall campaigns unique from other email/phone scams
How the delivery system works
About a new technique called “double extorsion”
Some Questions We Ask:
What is the flow of the attack chain?
What are some new tactics used by BazaCall centers?
How can organizations mitigate attacks?
Resources:
BazaCall: Phony call centers lead to exfiltration and ransomware
View Emily on LinkedIn
View Justin on LinkedIn
View Natalia on LinkedIn
Related:
Listen to: Afternoon Cyber Tea with Ann Johnson
Listen to: Security Unlocked
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.