Security News > 2022 > June > Microsoft 365 credentials targeted in new fake voicemail campaign
A new phishing campaign has been targeting U.S. organizations in the military, security software, manufacturing supply chain, healthcare and pharmaceutical sectors to steal Microsoft Office 365 and Outlook credentials.
The operation is ongoing and the threat actor behind it uses fake voicemail notifications to lure victims into opening a malicious HTML attachment.
In reality, the file contains obfuscated JavaScript code that takes the victim to a phishing site.
The CAPTCHA check was also used in a 2020 campaign that ZScaler's ThreatLabZ researchers analyzed and it continues to be an effective middle step that helps increase the phishing success rate.
Once the users pass this step, they are redirected to a genuine-looking phishing page that steals Microsoft Office 365 accounts.
Voicemail-themed phishing using HTML attachments has been used since at least 2019, but it is still effective, especially with careless employees.
News URL
Related news
- Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API (source)
- Microsoft MFA outage blocking access to Microsoft 365 apps (source)
- Azure, Microsoft 365 MFA outage locks out users across regions (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass (source)
- Microsoft fixes Office 365 apps crashing on Windows Server systems (source)
- Microsoft investigates Microsoft 365 outage affecting users, admins (source)
- Microsoft SharePoint Connector Flaw Could've Enabled Credential Theft Across Power Platform (source)
- Hackers spoof Microsoft ADFS login pages to steal credentials (source)