Email Bombs and Fake IT Calls: The Hilarious New Moves by Ransomware Gangs
Ransomware gangs are using email bombing and Microsoft Teams calls to trick employees into installing malware. These crafty crooks pose as tech support, gaining remote access to networks. Organizations are urged to block external domains on Teams and disable Quick Assist to counter these deceptive tactics. Stay vigilant, folks!

Hot Take:
We always knew spam was annoying, but now it’s downright dangerous! These hackers are taking email bombing to new heights, or should we say, new lows? Who knew Microsoft Teams could double as a heist movie plot device? Maybe it’s time for IT departments to brush up on their social engineering tactics—after all, the only “Help Desk Manager” here is the one trying to steal your passwords!

Key Points:
- Ransomware groups are employing email bombing followed by impersonating tech support in Microsoft Teams to gain remote access.
- These tactics have been linked to the Black Basta ransomware group and possibly the FIN7 cybercrime gang.
- Hackers exploit Microsoft Teams’ default settings to initiate calls and chats from external domains.
- Multiple campaigns have used Java and Python scripts to establish remote control and deploy ransomware.
- Organizations are advised to block external access on Microsoft Teams and disable Quick Assist to thwart such attacks.
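
One way to detect the sequence in the key points (a mail flood to one user, then a Teams chat or call from an external domain), added here as an example and not taken from the original article. The event tuple format, the thresholds and the `corp.example` tenant domain are assumptions; map them to your own mail gateway and Teams audit logs.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed thresholds and names; tune to your own mail and Teams baseline.
BURST_COUNT = 20                       # inbound mails to one user ...
BURST_WINDOW = timedelta(minutes=10)   # ... within this sliding window
FOLLOWUP_WINDOW = timedelta(hours=1)   # external Teams contact after a burst
INTERNAL_DOMAINS = {"corp.example"}    # placeholder tenant domain


def find_bomb_then_teams(events):
    """events: (datetime, kind, user, remote_domain) tuples in any order;
    kind is "email" (inbound mail) or "teams" (inbound chat or call).
    Returns a list of (user, burst_time, teams_time, remote_domain)."""
    recent = defaultdict(deque)   # user -> timestamps of recent inbound mail
    last_burst = {}               # user -> last time the threshold was met
    alerts = []
    for ts, kind, user, domain in sorted(events, key=lambda e: e[0]):
        if kind == "email":
            window = recent[user]
            window.append(ts)
            while ts - window[0] > BURST_WINDOW:   # expire old mail
                window.popleft()
            if len(window) >= BURST_COUNT:
                last_burst[user] = ts
        elif kind == "teams" and domain.lower() not in INTERNAL_DOMAINS:
            burst = last_burst.get(user)
            if burst is not None and ts - burst <= FOLLOWUP_WINDOW:
                alerts.append((user, burst, ts, domain))
    return alerts


def sample_events():
    """Constructed sample data, not taken from any real incident."""
    t0 = datetime(2025, 1, 1, 9, 0)
    alice, bob = "alice@corp.example", "bob@corp.example"
    flood = [(t0 + timedelta(seconds=15 * i), "email", alice, "list.example")
             for i in range(40)]
    chats = [
        (t0 + timedelta(minutes=12), "teams", alice, "helpdesk.example"),
        (t0 + timedelta(minutes=12), "teams", bob, "partner.example"),  # no flood
        (t0 + timedelta(minutes=13), "teams", alice, "corp.example"),   # internal
    ]
    return flood + chats


if __name__ == "__main__":
    for alert in find_bomb_then_teams(sample_events()):
        print(alert)
```

Only the external chat to the flooded user is flagged; the external chat to a user with no flood and the internal chat are ignored.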