Because the malware isn’t in a link or document within the email itself, the scam helps attackers bypass some phishing and malware detecting services, Microsoft researchers noted in a report Thursday. The ongoing malware campaign that uses sham call centers to deceive people into accessing malicious software may be riskier than previously thought. The technique, initially discovered by the business in May, involves attackers impersonating subscription service providers and luring victims onto the phone to cancel a non-existent membership. Once they arrive, the call center employee instructs them on how to install malware on their machine.
https://www.cyberscoop.com/criminals-call-centers-ransomware-microsoft/
