McAfee security researchers have discovered a new phishing campaign where scams spoof victims through fake voicemails and steal their Office365 login credentials.
According to reports, the scam mainly uses fraudulent email attachments, which include an HTML file attachment, pretending to notify the victim that they have made a wrong call and requesting to log in to their account to access voicemail. When the victim loads the file, it automatically plays the fake voicemail and redirects the user to the phishing site, prompting the user to log in to their account. After entering the password, the victim will receive a successful login message and be redirected to the legitimate office.com website.
In the process, an attacker took the opportunity to steal login information, including email addresses, passwords, IP addresses, and locations. The campaign targets middle-level managers and executives in different industries such as finance, information technology services, retail, and insurance.
“The goal of malicious actors is to harvest as many credentials as possible, to gain access to potentially sensitive information and open the possibility of impersonation of staff, which could be very damaging to the company,” McAfee researchers said. Once the victim reuses the same password, it can have more serious consequences and be more vulnerable to more targeted attacks.
Currently, Office365 has more than 180 million active users per month and has become the main target of complex phishing attacks. It is recommended that relevant users should be cautious in opening unidentified sources of mail to avoid being fooled!