Attackers phish Office 365 users with fake voicemail messages

Office 365 users are a constant target for phishers because their accounts can give access to high-value company data and systems. Hackers have now stepped up their game with new attacks that use audio files masquerading as voicemails to trick users into exposing their passwords.

The new campaign was observed over the past few weeks by researchers from security firm McAfee and targeted organizations from many industries including services, finance, IT, retail, insurance, manufacturing, infrastructure, energy, government, legal, education, healthcare and transportation. “A wide range of employees were targeted, from middle management to executive level staff,” the McAfee researchers said in a report released today. “We believe that this is a ‘phishing’ and ‘whaling’ campaign.”

Whaling is a type of phishing that is aimed at senior executives, department managers and other high-value targets inside organizations by using lures they are likely to be interested in and fall for.

How the Office 365 phishing campaign works

The rogue emails contain Microsoft’s logo and inform recipients that they’ve missed a call from a particular phone number. The messages include information such as caller ID, date, call duration, organization name and a reference number.

The emails have HTML attachments, which, if opened, redirect users to a phishing site that tells them Microsoft is fetching their voicemail and asks them to log in to access it. During this step, the page plays a short audio recording of someone speaking that is meant to trick victims into believing they’re listening to the beginning of a legitimate voicemail.

“What sets this phishing campaign apart from others is the fact that it incorporates audio to create a sense of urgency which, in turn, prompts victims to access the malicious link,” the researchers said. “This gives the attacker the upper hand in the social engineering side of this campaign.”
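One way a mail gateway or triage script could flag the HTML-attachment step described above, as an added example that is not from the McAfee report or this article: it parses a message and reports HTML attachments that redirect as soon as they are opened. The redirect constructs it checks (meta refresh, script `location` assignment) and the sample message are assumptions, since the article does not say how the redirect was implemented.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from html.parser import HTMLParser

# Assumed redirect constructs; the article does not say which one the campaign used.
JS_REDIRECT = re.compile(r"location(?:\.href)?\s*=|location\.(?:replace|assign)\s*\(", re.I)

class RedirectFinder(HTMLParser):
    """Records constructs that navigate away as soon as the file is opened."""
    def __init__(self):
        super().__init__()
        self.findings, self._in_script = [], False
    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            self.findings.append("meta-refresh: " + a.get("content", ""))
        if tag == "script":
            self._in_script = True
    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False
    def handle_data(self, data):
        if self._in_script and JS_REDIRECT.search(data):
            self.findings.append("script-redirect")

def scan_message(raw_bytes):
    """Return {attachment name: findings} for HTML attachments that redirect."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    flagged = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        if part.get_content_type() != "text/html" and not name.lower().endswith((".htm", ".html")):
            continue
        body = (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
        finder = RedirectFinder()
        finder.feed(body)
        finder.close()
        if finder.findings:
            flagged[name] = finder.findings
    return flagged

def build_sample(html='<meta http-equiv="refresh" content="0; url=https://phish.example.invalid/">'):
    """Constructed test message; subject, URL and file name are placeholders."""
    msg = EmailMessage()
    msg["Subject"] = "Missed call"
    msg.set_content("You missed a call. Open the attachment to listen.")
    msg.add_attachment(html, subtype="html", filename="voicemail.html")
    return msg.as_bytes()
```

A hit is a triage signal rather than a verdict: legitimate HTML attachments occasionally redirect too, so findings are best combined with sender reputation and the voicemail-themed lure.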

Copyright © 2019 IDG Communications, Inc.
