Microsoft reminds users to watch out for BazaCall, a ransomware scam

News
By published

Microsoft wants you to listen up.

Microsoft Logo at Ignite
Microsoft Logo at Ignite (Image credit: Windows Central)

What you need to know

  • BazaCall is an elaborate scam involving fraudulent call centers.
  • Should you do what the call center rep asks, you'll end up with ransomware and having your data stolen.
  • Microsoft has addressed this scam before and is now addressing it again.

In June, Microsoft Security Intelligence drew attention to BazaCall, a phony call center scam dedicated to spreading ransomware and making a quick dime off of victims' suffering. Now, Microsoft is back with another update. According to the tech giant, BazaCall is more serious than tech blogs and the media have reported, including reports based on Microsoft's own findings.

How dangerous is the BazaCall campaign's associated malware, exactly? Here's how Microsoft describes it:

"Apart from having backdoor capabilities, the BazaLoader payload from these campaigns also gives a remote attacker hands-on-keyboard control on an affected user's device, which allows for a fast network compromise. In our observation, attacks emanating from the BazaCall threat could move quickly within a network, conduct extensive data exfiltration and credential theft, and distribute ransomware within 48 hours of the initial compromise."

In summary: If you fall for the BazaCall scam email and proceed with the next step, which involves following a phony call center rep's instructions, you'll be giving attackers hands-on control of your device's keyboard, a free pass to steal your data and credentials, and you'll be leaving the door wide open for ransomware distribution within two days of getting got.

That's a lot of damage within a tiny 48-hour window! And the attackers aren't just interested in getting ransomware onto a single device; they'll go after networks if they see an opening. So assume that things are about to get a lot worse than just one machine being held hostage once compromised.

What makes the scam so crafty is that the email that kicks it off isn't inherently dangerous; rather, it's the phone call afterward. If the scammers have convinced you to call them voluntarily, that bodes poorly for your odds of evading the trap's final steps.

CATEGORIES
Robert Carnevale
Robert Carnevale

Robert Carnevale is the News Editor for Windows Central. He's a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author of Cold War 2395. Have a useful tip? Send it to robert.carnevale@futurenet.com.

Read more
Microsoft Edge Scareware blocker
How to enable Edge's Scareware blocker and protect yourself from online scams
Microsoft CEO Satya Nadella in front of the Microsoft Copilot AI logo.
Windows 11 pirates have a new and unlikely ally — Microsoft Copilot
Artificial Intelligence AI Assistant Apps - ChatGPT, Anthropic Claude, Google Gemini, Microsoft Copilot, Perplexity, Poe.
Copilot gets a boost from Bing. Microsoft's search engine now promotes Copilot if you search for Gemini, ChatGPT, Grok, or other AI tools.
Microsoft CEO Satya Nadella in front of the Microsoft Copilot AI logo.
Revamped Copilot for Business: Microsoft's answer to gimmicky AI tool allegations?
Satya Nadella on stage at an event in London talking about Copilot
Microsoft killed Skype, confirmed AI in Call of Duty, helped people pirate Windows 11, and began testing Office with ads — ALL IN A SINGLE WEEK
This is fine meme with the Microsoft logo on the dog surrounded by flames.
Microsoft News Roundup: Nightmare week of price hikes, rebrands, and remembering how Bill Gates lost $400 billion
Latest in Microsoft
Cloud servers
Microsoft has killed "several" data center projects in the U.S. and Europe, according to reports — Microsoft responds (Updated)
Steve Ballmer and Bill Gates, former CEOs of Microsoft.
Bill Gates says Satya Nadella almost missed the cut for CEO of Microsoft — Even with Steve Ballmer's support
HP Reverb G2 VR headset
Was Windows Mixed Reality as bad as I remember? I look back at the failed VR platform that was ahead of its time.
Microsoft Majorana 1 chip designed for quantum computing
Microsoft dismisses quantum computing skepticism: "There is a century-old scientific process established by the American Physical Society for resolving disputes"
The Microsoft logo on a smartphone and laptop arranged in Crockett, California, US, on Friday, Dec. 29, 2023.
"Would you say there is a reasonable balance between what you contribute to Microsoft and what you get in return?" Two-thirds of Microsoft employees say YES — as AI engineers get preferential compensation packages.
Like a Dragon Pirate Yakuza in Hawaii screenshot
Microsoft blocks (some) Windows 11 pirates while Lenovo steals the show at Mobile World Congress
Latest in News
Spongebob meme with Xbox logo, Steam logo, and PlayStation logo
Would PlayStation block its PC Steam games from running on a future Windows-based PC-like Xbox? Let's discuss.
Screenshot of Assassin's Creed Shadows.
Assassin's Creed Shadows crosses 3 million players just a week after launch
The Backbone One Xbox Edition mobile controller which is translucent green
Backbone launches Xbox version of its popular mobile controller — it's green!
Office 365 on Razer laptop
Microsoft Office apps are about to get a speed boost
NVIDIA CES 2025
You should be worried about NVIDIA’s launch strategy for its most popular GPUs. Here's why.
Two hands holding a gaming handheld
This new gaming handheld could be perfect for Xbox Cloud and more reasonably priced than my current go-to