Security News > 2022 > June > Voicemail Scam Steals Microsoft Credentials

Attackers are using an oft-used and still effective lure to steal credentials to key Microsoft apps by sending emails notifying potential victims that they have a voicemail message, researchers have found.

One aspect of the campaign that does set it apart from other similarly themed attacks is that it involves "More research and effort as the attacks are customized for each target," he said.

Attackers aim to lure victims with an email that informs them that they have a new voicemail in a message that appears to be coming from the targeted organization, according to ThreatLabZ. They use an address in the "From" field that mimics the targeted organization's name as well as logo branding on the mail itself to appear legitimate.

This previously used tactic also helps attackers " evade automated URL analysis tools," a tactic also used in the July 2020 campaign, according to ThreatLabZ. If a victim follows through on the CAPTCHA, he or she is then redirected to legitimate-looking Microsoft Office 365 sign-in page to enter credentials on a site controlled by attackers, according to the post.

As the campaign remains active, both ThreatLabZ and KnowBe4's Kron recommend that organizations reiterate secure email practices with their employees to ensure that they're not giving up their credentials to attackers.

Organizations should train employees on how to spot and report phishing attacks, as well as how to check the browser's URL bar to ensure the website where they are entering credentials is legitimate, Kron said.

News URL

https://threatpost.com/voicemail-phishing-scam-steals-microsoft-credentials/180005/