A fake voice message lures victims to a fake Microsoft 365 login page that prompts them to enter credentials.
Ongoing phishing scams have been spotted targeting Microsoft Office 365 with partial audio voicemail messages to convince targets that they need to log in to hear the full recording.
The attack starts with an email informing victims they missed a phone call and instructing them to log into their accounts to access a voicemail. When they load the attached HTML file, it redirects them to a phishing website. There are different variants of this attack; the most recent ones include an audio recording disguised to sound like the beginning of a real voicemail.
When redirected, victims see a phishing page prompting them to log into their Microsoft accounts. The page is pre-populated with their email addresses, researchers say, a tactic intended to make the scam seem legitimate. Victims who enter their passwords are sent to another page saying the account was “successfully confirmed” before they’re redirected to the Office login page.
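A mail-triage check for the lure described above, added here as an illustration and not taken from the researchers or any product: it flags HTML attachments that redirect the browser on open and notes whether the recipient's own address is embedded in them. The redirect patterns, the assumption that the pre-filled address travels inside the attachment, and all sample messages and addresses are constructed for this example.

```python
import re
from email.message import EmailMessage

# Markup/script constructs that send the browser elsewhere as soon as the file opens.
REDIRECTS = {
    "meta-refresh": re.compile(r"<meta[^>]+http-equiv\s*=\s*[\"']?refresh", re.I),
    "js-location": re.compile(r"\blocation\s*(?:\.\s*(?:href|replace|assign))?\s*[=(]", re.I),
}

def triage(msg):
    """Report HTML attachments that redirect on open, and whether the
    recipient's own address is embedded in them (assumed pre-fill mechanism)."""
    to = msg["To"]
    recipient = to.addresses[0].addr_spec.lower() if to and to.addresses else ""
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        is_html = (part.get_content_type() == "text/html"
                   or name.lower().endswith((".htm", ".html")))
        if not is_html:
            continue
        body = part.get_content()
        if isinstance(body, bytes):  # HTML sent as application/octet-stream
            body = body.decode("utf-8", "replace")
        hits = sorted(k for k, rx in REDIRECTS.items() if rx.search(body))
        if hits:
            findings.append({"file": name, "redirects": hits,
                             "recipient_embedded": bool(recipient) and recipient in body.lower()})
    return findings

def sample(attachment_html, filename):
    """Build a constructed test message (all names and addresses are made up)."""
    msg = EmailMessage()
    msg["From"] = "Voicemail <noreply@example.net>"
    msg["To"] = "alice@example.com"
    msg["Subject"] = "You have a missed call"
    msg.set_content("You missed a call. Open the attachment to listen.")
    msg.add_attachment(attachment_html, subtype="html", filename=filename)
    return msg

# Constructed lure: redirects on load and carries the recipient's address.
LURE = sample('<html><head><meta http-equiv="refresh" '
              'content="0; url=https://login.example.invalid/?u=alice@example.com">'
              '</head></html>', "voicemail.htm")
# Constructed benign attachment: static HTML, no redirect.
BENIGN = sample("<html><body><h1>Monthly report</h1></body></html>", "report.html")

if __name__ == "__main__":
    for label, m in (("lure", LURE), ("benign", BENIGN)):
        print(label, triage(m))
```

A hit is a reason to quarantine the message for review, not proof of phishing, since legitimate HTML files can also redirect.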
An example of the malicious email is shown below:
A common complaint from many business owners in recent months has been spam emails appearing to come from their own accounts. Reports of friends, family, and contacts receiving spam email that appears to come from them have worried many people, who often do not know why it is happening.
Some have had their accounts suspended or shut down by their service providers as a result. For many, this experience can be highly disruptive. It’s a problem that can cause many issues in both your professional and personal life.
The key to defence is learning how these attacks happen, and figuring out what you can do to protect yourself and your contacts against them.
Hackers Using Your Email Against You
Scammers who send out spam messages are continually looking for ways to make the process faster, cheaper, and more efficient, because that lets them make more money every day from unsuspecting victims.
One of the most efficient ways they do this is by hijacking ready-made trusted email accounts like your own. Hackers have several tools at their disposal to attempt to hijack your accounts.
Some of the principles which make email fast and easy to use mean that details, such as those in the ‘from’ field, are easy to fake. A hacker might change the information supplied to make it appear as if the email comes from anyone.
There’s not much you can do to defend your email against such an attack. However, you can work to verify that an email, even one you expect to receive, really does come from the person you believe sent it. If your email provider flags up an incoming email as ‘suspicious’, or ‘untrustworthy’, it may well be.
Hackers often buy large bundles of email addresses and passwords from the dark web. Leaked emails are often put up for sale following hacks of major companies and service providers.
The value of these details comes from the passwords being unlikely to have been changed, the accounts attached to them being trusted, and the same details often giving hackers access to additional services too.
How To Detect an Email Intrusion
It can take a long time before you’re aware that malicious hackers are using your details. You might even be the last person in your contacts to know.
The first sign to look out for is a large number of unexpected emails in your inbox. These are likely to be replies to emails you never sent in the first place. Out of office, automatic responses, people complaining about spam, and people responding to the email as if it were genuine may all come to you first.
Keep a close eye on unexpected emails appearing suddenly in either your inbox or outbox. A hacker may be spear-phishing someone that you do business with or trust. By acting as you, using your address and details, they may be able to divert payments or confidential information to their accounts instead.
Protecting Yourself Against Hackers, Attackers, And Hijackers
Sometimes your computer might have been compromised to give hackers access to your services. Malicious software may have infected your machine to steal data and infect your contacts.
Take extra care to change your passwords if you believe your email has been accessed by a hacker. Use a different, more secure password for your email than you do for every other service. Your email account is often the key to accessing many of the services you use most.
Run a virus scan and maintain security updates if you think your computer could have been infected. Have your machine and services looked at by a professional if you believe there is a risk your data is being used.
If you think your email could have been hijacked, or your details used elsewhere, contact National PC – Townsville and Burdekin Cyber Security Specialists. Make sure your business doesn’t become a Sitting Duck.