We use cookies to improve this site and enable full functionality. You can change your cookie settings at any time using your browser. Our cookie policy.

Insurer sounds warning bell on “BazarCall” ransomware attack

Insurer sounds warning bell on “BazarCall” ransomware attack | Insurance Business UK

Insurer sounds warning bell on “BazarCall” ransomware attack

Correction: Note this report originally stated “the company hasn’t been able to prevent cyber claims related to BazarCall attacks”. This was an error. The sentence should have read “the company has been able to prevent cyber claims related to BazarCall attacks.” The story has now been updated.

There is a new type of ransomware attack targeting small businesses and it has already caused “an increasing number” of malware infections over the last three months, according to cyber insurance leader CFC.

Dubbed ‘BazarCall,” CFC’s cyber threat analysis team noted that this new attack subverts common safeguard controls through the use of a phishing email intended to trick victims into phoning a call centre. Upon contact, they’re instructed to download malicious software that will infect their computers and enable hackers to carry out ransomware attacks without being detected.

“Making the victim do all the heavy lifting is a notable shift from the more traditional hacking attack vectors,” said Tom Bennett, leader of the cyber threat analysis team. “Unfortunately, most workplace education around phishing emails doesn’t warn about this type of social engineering, so it represents a significant new threat.”

Bennett explained that the BazarCall attack accounted for almost 10% of malware incidents detected by CFC across its portfolio in the past three months.

So far, the company has been able to prevent cyber claims related to BazarCall attacks. Preventing these attacks requires methods that are more proactive. For CFC’s team, this means identifying whether a specific victim at the organisation has received the BazarCall phishing email, whether they’ve called the phone number indicated in the email, and if the malware has already been installed on their computer.

“To date we have detected and removed every case of this malware within our impacted customers, at no cost to them,” added Bennett. “But we must all remain vigilant – cyber criminals are motivated, well-funded and well-organised. And they are constantly revising their attacks. That’s why we’ve built our dedicated cyber security team to help our customers protect themselves and prevent incidents before they happen.”