Fake voicemail notifications are after Office365, Outlook credentials

2022-06-21 08:13

A phishing campaign using fake voicemail notifications has been and is still targeting various US-based organizations, in an attempt to grab employees' Office365 and Outlook login credentials, Zscaler warns.

The campaing seems to be a repeat of a previous, similar one, and targets security solution providers, software security developers, supply-chain organizations in manufacturing and shipping, healthcare and pharmaceutical firms, and the US military.

Zscaler was one among the targeted organizations, which allowed them to analyze the campaign in full.

"To make the notification more believable, the attackers make sure that the email's 'From" field specifically mentions the targeted organization's name.

The attached HTML file contains encoded JavaScript that ultimately directs the target to an attacker-controlled site, the URL of which is specifically crafted for the targeted individual and the targeted organization.

"The goal of the threat actor is to steal credentials of Office365 and Outlook accounts, both of which are widely used in large enterprises," Zscaler researchers say.

News URL

https://www.helpnetsecurity.com/2022/06/21/fake-voicemail-office365/

#credential #office365 #outlook