Office 365 Voicemail Phishing Campaign: Here’s What MSSPs Need to Know
Cybercriminals are using fake voicemail message to lure victims into entering their Microsoft Office 365 email credentials as part of a new phishing campaign, according to McAfee Labs, the threat research division of antivirus and cloud and endpoint security company McAfee.
McAfee Labs researchers discovered three different malicious kits during their phishing campaign investigation. They also noted that cybercriminals have targeted several high-profile companies as part of the phishing campaign.
How Do the Office 365 Voicemail Phishing Attacks Work?
A voicemail phishing attack begins when a victim receives an email, which informs the victim about a missed phone call and a request to access his or her voicemail. The email contains an HTML file attachment, and when the attachment is opened, the victim is redirected to a phishing website. Recent versions of the HTML file attachment contain an audio recording of someone talking; this leads a victim to believe that he or she is listening to a legitimate voicemail, McAfee Labs researchers indicated.
Once a victim goes to the phishing website, the victim is asked to log into his or her account. Next, the victim’s email address is prepopulated when the website is loaded. When the victim’s password is entered, he or she is presented with a successful login page and redirected to the office.com login page. Finally, cybercriminals harvest a victim’s email address, password, IP address and region from the phishing site.
McAfee Labs has recommended that Office 365 users be vigilant when opening emails and avoid opening emails from unknown senders to combat voicemail phishing attacks. In addition, McAfee Labs has recommended that users leverage different passwords for different services and two-factor authentication.