Consumers have been warned of a significant increase in call center threat activity, in which attackers use email alongside call center customer service agents to defraud victims, sometimes for dozens. thousands of dollars.
According to cybersecurity firm Proofpoint, attack delivery over the phone (TOAD) generally comes in two forms. One uses free and legitimate remote assistance software to steal money, while the other uses malware, such as BazaLoder, disguised as a document to compromise a computer. These techniques begin with an email claiming to be from a legitimate source. The emails contain a phone number for customer support, and when the recipient calls the number, they are connected to a malicious call center attendant. The customer service representative will then verbally guide the victim through different types of user interaction, such as downloading a malicious file, allowing them to remotely access their machine or downloading a malicious application to remote access.
Proofpoint said recent lures have included Justin Bieber ticket vendors, computer security services, COVID-19 relief funds, online retailers pledging refunds for erroneous purchases, software updates and financial support. .
These attacks can “change the lives” of victims, with the vendor noting that nearly $ 50,000 was lost in a single instance in which the threat actor masqueraded as NortonLifeLock.
Researchers were able to identify many attacks as originating from India, with multiple clusters of activity occurring in Kolkata, Mumbai and New Delhi. Interestingly, they discovered that many of these malicious call centers are designed as legitimate businesses, with leases signed on buildings claiming to be telemarketers or other phone-based companies. In addition, local job seekers are often recruited to support the operation.
The report states that these attacks are not targeted and that the contact lists are most likely obtained from legitimate data brokerage companies or other telemarketer resources.
Commenting on the research, Sherrod DeGrippo, vice president of research and threat detection at Proofpoint, said: The most vigilant email recipient. If you respond in an attempt to dispute the accusations, what follows is an elaborate chain of infection that requires significant human interaction and leads victims into the rabbit hole of the worst fake customer service experience imaginable – an experience that ultimately flies. your money or leaves a malware infection.